How do I implement PayPal's Payflow Pro and Website Payments Pro Payflow Edition HTTPS interface?

Users of Payflow Pro (US, AU) and Website Payments Pro Payflow Edition (UK) can use the HTTPS Interface to post directly to the Payflow Pro servers without installing an SDK. This allows them to use it with any operating system or language.

PayPal’s Payflow Pro message protocol is an HTTP-compatible protocol for transactions. It has the following goals:

  • Enhance flexibility to developers integrating with the Payflow Pro Service for US, UK, and AU merchants.
  • Work without needing an SDK.
  • Increase reliability through adherence to open standards.
  • Provide built-in tools to prevent duplicate transactions and authorizations.

See PayPal Developer Documentation to learn more.


The Payflow Pro message protocol uses the Payflow Pro name/value pair or the XMLPay 2.0 format to provide underlying transport for application-level transactions. Transaction data is embedded in the body of a standard HTTP POST and POSTed to the URLs specified. It uses the same name/value pair parameters or XMLPay schema found in the current SDKs. However, you'll need to include the following headers during the request:
  • Content-Type: text/namevalue (required)
  • X-VPS-Timeout: 30 (required)
  • X-VPS-VIT-OS-Name: Linux
  • X-VPS-VIT-OS-Version: RHEL 4
  • X-VPS-VIT-Client-Type: PHP/cURL
  • X-VPS-VIT-Client-Version: 0.01
  • X-VPS-VIT-Client-Architecture: x86
  • X-VPS-VIT-Integration-Product: MyApplication
  • X-VPS-VIT-Integration-Version: 0.01
  • X-VPS-VIT-Runtime-Version: 10.2
  • X-VPS-Request-ID: 12345678 (required)

URLs For sending messages

Use the following URLs for sending transactions to PayPal’s Payflow Pro Production servers:
  • Production (Live):
  • Pilot (Test):

How to implement HTTPS POST

You can find examples on GitHub.