node package manager



Continuous integration status:

Build Status Coverage Status

NPM status:

NPM version Dependency Status

Repository for PayPal's Node SDK (node.js version >=0.6.x) and Node samples for REST API. For a full working app and documentation, have a look at the PayPal Node SDK Page.

v1.0.0 notice: If upgrading from paypal rest sdk 0.*, Please view Breaking Changes in

The Payment Card Industry (PCI) Council has mandated that early versions of TLS be retired from service. All organizations that handle credit card information are required to comply with this standard. As part of this obligation, PayPal is updating its services to require TLS 1.2 for all HTTPS connections. At this time, PayPal will also require HTTP/1.1 for all connections. See the PayPal TLS Update repository for more information.

**TLSv1_2 warning: Due to PCI compliance, merchant servers using a version of TLS that does not support TLSv1_2 will receive a warning.

**To verify that your server supports PCI compliant version of TLS, run this sample with your sandbox credentials.


npm install paypal-rest-sdk


To write an app using the SDK

  • Register for a developer account and get your client_id and secret at PayPal Developer Portal.

  • Add dependency 'paypal-rest-sdk' in your package.json file.

  • Require 'paypal-rest-sdk' in your file

    var paypal = require('paypal-rest-sdk');
  • Create config options, with parameters (mode, client_id, secret).

      'mode': 'sandbox', //sandbox or live 
      'client_id': 'EBWKjlELKMYqRNQ6sYvFo64FtaRLRR5BdHEESmha49TM',
      'client_secret': 'EO422dn3gQLgDbuwqTjzrFgFtaRLRR5BdHEESmha49TM'
  • For multiple configuration support, have a look at the sample

  • Invoke the rest api (eg: store a credit card) with required parameters (eg: data, config_options, callback).

    var card_data = {
      "type": "visa",
      "number": "4417119669820331",
      "expire_month": "11",
      "expire_year": "2018",
      "cvv2": "123",
      "first_name": "Joe",
      "last_name": "Shopper"
    paypal.creditCard.create(card_data, function(error, credit_card){
      if (error) {
        throw error;
      } else {
        console.log("Create Credit-Card Response");
  • For creating Subscription Payments, check out the samples for creating planned sets of future recurring payments at periodic intervals.

  • To create Future Payments, check out this sample for executing future payments for a customer who has granted consent on a mobile device.

  • For exploring additional payment capabilites, such as handling discounts, insurance, soft_descriptor and invoice_number, have a look at this example. These bring REST payment functionality closer to parity with older Merchant APIs.

  • Customizing a PayPal payment experience is available as of version 1.1.0 enabling merchants to provide a customized experience to consumers from the merchant’s website to the PayPal payment. Get started with the supported rest methods and samples.

  • For creating and managing Orders, i.e. getting consent from buyer for a purchase but only placing the funds on hold when the merchant is ready to fulfill the order, have a look at samples.

  • For creating batch and single payouts, check out the samples for payouts and payout items. The Payouts feature enables you to make PayPal payments to multiple PayPal accounts in a single API call.

  • For Invoicing, check out the samples to see how you can use the node sdk to create, send and manage invoices.

  • To receive notifications from PayPal about Payment events on your server, webhook support is now available as of version 1.2.0. For creating and managing Webhook and Webhook Events, check out the samples to see how you can use the node sdk to manage webhooks, webhook events and verify that the response unaltered and is really from PayPal. Please follow the Webhook Validation sample to understand how to verify the authenticity of webhook messages. It is also important to note that simulated messages generated using the Webhook simulator would not be compatible with the verification process since they are only mock data.

  • To use OpenID Connect

    // OpenID configuration 
      'openid_client_id': 'CLIENT_ID',
      'openid_client_secret': 'CLIENT_SECRET',
      'openid_redirect_uri': '' });
    // Authorize url 
    paypal.openIdConnect.authorizeUrl({'scope': 'openid profile'});
    // Get tokeninfo with Authorize code 
    paypal.openIdConnect.tokeninfo.create("Replace with authorize code", function(error, tokeninfo){
    // Get tokeninfo with Refresh code 
    paypal.openIdConnect.tokeninfo.refresh("Replace with refresh_token", function(error, tokeninfo){
    // Get userinfo with Access code 
    paypal.openIdConnect.userinfo.get("Replace with access_code", function(error, userinfo){
    // Logout url 
    paypal.openIdConnect.logoutUrl("Replace with tokeninfo.id_token");

Running Samples

Instructions for running samples are located in the sample directory.

Running Tests

To run the test suite first invoke the following command within the repo

If Grunt is not installed:

npm install -g grunt-cli

If Mocha is not installed:

npm install -g mocha

To install the development dependencies (run where the package.json is):

npm install

Run the tests:

grunt test (timeout is specified in milliseconds eg: 15000ms)

To run the tests without the mocks:

NOCK_OFF=true mocha -t 60000


  • As of version 1.6.2, full request/response are logged for non production environments with NODE_ENV=development set

    You can set the environment variable on the command line by running NODE_ENV=development node <path of script> or by executing export NODE_ENV=development and then running your Node.js script. Please see your command terminal/shell's manual pages for specific information.

  • It is recommended to provide Paypal-Debug-Id if requesting PayPal Merchant Technical Services for support. You can get access to the debug id by setting environment variable NODE_ENV=development.

  • The error object returned for any bad request has error.response populated with details. NODE_ENV=development setting also gives you access to stringfied response in error messages.


[REST API Reference] (


  • If you would like to contribute, please fork the repo and send in a pull request.
  • Please ensure you run grunt before sending in the pull request.


Code released under SDK LICENSE


Pull requests and new issues are welcome. See for details.