What are API Signature and Certificate credentials?
API credentials identify you as a PayPal Business account holder authorised to perform API operations. There are 2 authentication methods to choose from:
- API Signature: We use a username, password, and a unique string of numbers and letters to identify your account. API Signature credentials don’t expire and are easier to implement and more commonly used.
- API Certificate: We use a username, password, and a downloadable certificate to identify your account. API Certificate credentials are valid for 3 years, and you must renew them before they expire. We recommend this method for optimal security.
You can integrate PayPal's payment solutions with an Application Programming Interface (API) with your online store or shopping cart. Find out which API credentials you'll need from your shopping cart provider or web developer.
How do I request API credentials?
Here's how to request API credentials from a web browser:
- Go to Account Setting.
- Click Update next to API Access.
- Under "NVP/SOAP API integration", click Manage API credentials.
- Select “Request API signature” or “Request API certificate”, depending on your shopping cart requirements.
- Click Agree and Submit.
- We’ll generate your API credentials.
How do I install my API credentials?
Once you’ve requested your API Signature or API Certificate credentials, you must install them. You install them in your application or shopping cart or insert them into your custom code.
- Copy and paste the API Username, Password, and Signature into your shopping cart’s configuration or administration screen for preconfigured shopping carts.
- For custom shopping carts: Store the API credentials in a secure location with limited access.
- If you’re using PayPal SDKs, you might need to encrypt the certificate before installing it.
- You may need to contact your shopping cart provider if you’re using third-party shopping cart software. Ask for advice on how to install the new certificate.
- You must place the new certificate on your server if you have a custom integration. Please confirm with your developer or system administrator where you need to place the certificate.
How do I renew or change my API credentials?
Here's how to renew or change your existing API Signature or Certificate credentials from a web browser:
- If you have an application currently using an API, removing or changing an API will break this integration.
- If you have 2 active certificates, you must remove one to renew any API Certificate.
- If you'd like to delete the API signature, click Remove under Manage API credentials.
- Go to our Developer portal for more information on creating and managing API Credentials.