PayPal API Certificate Authentication

With the PayPal API there are two methods of authentication: an API Signature and an API Certificate.

Up until SubscriptionBoss version 0.98, only the API Signature was supported, but with the release of version 0.99 you can authenticate PayPal API transactions using an API Certificate.

PayPal PayFlow Users Authenticate Using an API Certificate

For most users, using a signature is the simpler option; however, for PayFlow Pro users who already have an API certificate, the certificate is the preferred option.

How To Request and Install a PayPal API Certificate

PayPal has some instructions on requesting a certificate including screenshots.

Here is the short version:

  • Log in to your PayPal Account
  • Click on the Profile menu and choose Account Settings
  • Click on API Access
  • Click on Request API Credentials
  • Choose the option to Request an API Certificate
  • Copy the API Username and save in SubscriptionBoss settings
  • Copy the API Password and save in SubscriptionBoss settings
  • Download the API Certificate
  • FTP the certificate on to your web server and place it in a folder above the webroot of the site. So, for example, if the webroot is /var/www/vhosts/yoursite.com/httpdocs/ , then place the file in /var/www/vhosts/yoursite.com/.
  • Enter the file path in the API Certificate field in SubscriptionBoss Settings
  • Click on Save. If it finds the file then a green tick will appear alongside the field; if it cannot find the file then a red cross will appear.
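
The green tick only confirms that the file was found. The following added example (not part of SubscriptionBoss or PayPal's instructions) checks the placement itself: that the file really sits outside the webroot after symlinks are resolved, and that other users on the server cannot read or modify it. It assumes the downloaded certificate is PEM text; the file name paypal_cert.pem and the function names are hypothetical.

```python
import os
import stat
import tempfile
from pathlib import Path

def check_cert_placement(cert_path, webroot):
    """Return a list of problems; an empty list means the placement looks sound."""
    cert = Path(cert_path)
    if not cert.is_file():
        return ["file not found"]
    # resolve() follows symlinks, so a link stored above the webroot
    # that points back into it is still caught.
    real_cert, real_root = cert.resolve(), Path(webroot).resolve()
    problems = []
    if real_root in real_cert.parents:
        problems.append("inside webroot")
    mode = real_cert.stat().st_mode
    if mode & stat.S_IROTH:
        problems.append("world-readable")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("writable by group or others")
    # Assumption: the download is PEM text. Only the marker is inspected.
    text = real_cert.read_text(errors="replace")
    if "-----BEGIN CERTIFICATE-----" not in text:
        problems.append("no PEM certificate block")
    return problems

def demo():
    """Build a constructed site layout in a temp dir and check three placements."""
    # Constructed placeholder content, not a real certificate.
    fake_pem = "-----BEGIN CERTIFICATE-----\nCONSTRUCTED\n-----END CERTIFICATE-----\n"
    with tempfile.TemporaryDirectory() as tmp:
        site = Path(tmp) / "yoursite.com"
        webroot = site / "httpdocs"
        webroot.mkdir(parents=True)
        good = site / "paypal_cert.pem"      # above the webroot, as the steps say
        bad = webroot / "paypal_cert.pem"    # misplaced copy inside the webroot
        for path, mode in ((good, 0o600), (bad, 0o644)):
            path.write_text(fake_pem)
            os.chmod(path, mode)
        return (check_cert_placement(good, webroot),
                check_cert_placement(bad, webroot),
                check_cert_placement(site / "missing.pem", webroot))

if __name__ == "__main__":
    for result in demo():
        print(result or "OK")
```

On a real server, call check_cert_placement with the path entered in the API Certificate field and the site's webroot, running as the user the web server runs under.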

Screenshot of SubscriptionBoss settings showing where to add PayPal API Certificate Details

Things To Watch Out For

If you change from using an API Signature to using an API Certificate, remember that while the API Username for the certificate will probably be the same as the API Username for the Signature, the API Password will be different.

If the password is wrong, the user will be sent to the SubscriptionBoss error page, which displays the PayPal error message: Authentication/Authorization Failed (10002).

So make sure that the PayPal API Password in SubscriptionBoss matches the password that appears on the page on PayPal where you can download the certificate.
