How do I resolve API timeout problems?
Your PayPal and Payflow API-based features are experiencing timeouts.
Multiple issues, including issues with firewalls or PayPal's server, can produce such errors.
Here's how to troubleshoot your timeout issues:
- Sign up for alerts – You can sign up for email alerts to PayPal technical system events and check for currently open issues that might be affecting performance.
- Check firewalls – Check for any firewalls or other access controls that might be preventing your application from connecting to the PayPal or Payflow servers.
- Check your client code's timeout configuration – PayPal recommends a minimum timeout setting of 30 seconds, even though it expects to process API requests in a much shorter time. A minimum setting of 30 seconds adds more flexibility in situations where the credit card issuer's response is delayed. If the timeout interval is set to a lower value, increase it to 30 seconds.
- Run nslookup – Run nslookup (or the dig or host commands if nslookup is unavailable) on the API URL to which your application and note the IP addresses returned.
- Compare the returned addresses to the IP addresses listed for live PayPal servers or Payflow servers.
- If the returned URL IP address doesn't match with one of PayPal's servers, investigate further (check DNS, the hosts file, and so on).
- Refresh the DNS cache – For Java-based integrations, you may have to refresh the DNS cache if an IP address for an API URL has changed. Typically, this requires restarting the JVM/application server (JBoss, GlassFish, etc.). For Java-based applications, you can learn more by researching the java.net.InetAddress class and the networkaddress.cache.ttl property.
- Run the traceroute command – Run the traceroute command from your server or your proxy server (if you use one) to the PayPal API endpoint. Then, run the same command from a location that can access PayPal (ideally one outside your network) and compare the results.
- If the traceroute stops after a hop between PayPal's API endpoint and your server, probably one of the hops along the route is blocking the request.
- For example, a small number of merchants are currently being blocked on the AT&T network. Because the route to PayPal's API endpoints goes over the AT&T network (among many others), these merchants can't reach the API endpoints. You must work with the AT&T Abuse and NOC teams to resolve the block on the AT&T network.
- Use OpenSSL – Use OpenSSL to verify connectivity with PayPal API endpoints or other IP addresses. For example, issue this command:
openssl s_client -connect api-3t.paypal.com:443.
- If this command connects successfully, you'll see "CONNECTED" in the first line of the response.
- If OpenSSL isn't currently installed on your operating system, go to www.openssl.org to download the binaries.
- Determine which servers are affected – For applications running on multiple servers, you can try to determine if the timeouts occur for requests that originate from one server or if they occur across all servers.
- If timeouts occur for only one server, run nslookup (or the "dig" or "host" commands if nslookup is unavailable) from the problem server and again from any servers that seem unaffected, then compare the results.
- If the problem server shows different IP addresses for the same URL, you might be able to resolve the issue by restarting the server.
If none of the preceding methods resolves the timeouts, contact PayPal Customer Service and and have the following information ready:
- The nslookup results
- The frequency, by percentage, of the timeouts. For example, do they occur for 100 percent of the API calls? Fifty percent?
- The approximate date and time when the timeouts began to occur
- Whether you made any network or code changes before the timeouts began
- The IP address from which the API requests should come
- For money-moving APIs, such as Express Checkout, Direct Payment, or Reference Transactions, indicate whether the API calls are or aren't being processed despite the timeout. You can check your account via PayPal Manager or www.paypal.com to determine whether or not transactions are being created from the API requests.