• PayPal App Help
  • My Account
  • My Money
  • Payments
  • PayPal Credit
  • Disputes & Limitations
  • Products & Services
  • Merchant
  • US Tax Information
  • Non-Profits and Donations

What are API Signature and Certificate credentials?

API credentials identify you as a PayPal Business account holder authorised to perform API operations. There are 2 authentication methods to choose from:

  • API Signature: We use a username, password, and a unique string of numbers and letters to identify your account. API Signature credentials don’t expire and are easier to implement and more commonly used.
  • API Certificate: We use a username, password, and a downloadable certificate to identify your account. API Certificate credentials are valid for 3 years, and you must renew them before they expire. We recommend this method for optimal security.

You can integrate PayPal's payment solutions with an Application Programming Interface (API) with your online store or shopping cart. Find out which API credentials you'll need from your shopping cart provider or web developer.

How do I request API credentials?

Here's how to request API credentials from a web browser:

  1. Go to Account Setting.
  2. Click Update next to API Access. 
  3. Under "NVP/SOAP API integration", click Manage API credentials.
  4. Select “Request API signature” or “Request API certificate”, depending on your shopping cart requirements.
  5. Click Agree and Submit.
  6. We’ll generate your API credentials.

How do I install my API credentials?

Once you’ve requested your API Signature or API Certificate credentials, you must install them. You install them in your application or shopping cart or insert them into your custom code.

API Signature

  • Copy and paste the API Username, Password, and Signature into your shopping cart’s configuration or administration screen for preconfigured shopping carts.
  • For custom shopping carts: Store the API credentials in a secure location with limited access.

API Certificate

  • If you’re using PayPal SDKs, you might need to encrypt the certificate before installing it.
  • You may need to contact your shopping cart provider if you’re using third-party shopping cart software. Ask for advice on how to install the new certificate.
  • You must place the new certificate on your server if you have a custom integration. Please confirm with your developer or system administrator where you need to place the certificate.

Testing your API credentials

You do most of your testing in PayPal’s Sandbox environment, although you can perform the final testing in PayPal’s Live environment using your Live credentials.

How do I renew or change my API credentials?

Here's how to renew or change your existing API Signature or Certificate credentials from a web browser:

  1. Log in to your PayPal Live or Sandbox account.
  2. Click Activity at the top of the page.
  3. Click API Access under "Operations."
  4. Under "NVP/SOAP API integration", click Manage API credentials.
  5. Select the desired option.


  • If you have an application currently using an API, removing or changing an API will break this integration.
  • If you have 2 active certificates, you must remove one to renew any API Certificate.
  • If you'd like to delete the API signature, click Remove under Manage API credentials.
  • Go to our Developer portal for more information on creating and managing API Credentials.
Was this article helpful?

More ways we can help

How are we doing?
Take our survey

If you accept cookies, we'll use them to improve and customise your experience and enable our partners to show you personalised PayPal ads when you visit other sites. Manage cookies and learn more