Payment Setup
Last updated
Last updated
Log in to your PayPal Developer account.
Click Dashboard.
Click Accounts under Sandbox.
Click the email address of the business account whose credentials you're checking.
Click Profile.
Click API credentials on the Account details screen.
If for some reason your API credentials aren't displayed there, you can also find them in your Sandbox account. Click Close on the Account details screen and continue with the rest of this procedure.
Check the box next to the business account whose credentials you are checking, and then click Enter Sandbox site.
Log in to that Sandbox business account.
Select Profile > My Selling Tools under the My Account tab.
Click Update next to API access on the My Profile screen.
Click View API Signature under Option 2 on the API Access screen. (If Request API Credentials appears under Option 2, it may be because you haven't requested your API credentials.)
PAYPAL_CLIENT_ID="client_id"
PAYPAL_SECRET="secret_key"
Stripe authenticates your API requests using your account’s API keys. If you do not include your key when making an API request or use one that is incorrect or outdated, Stripe returns an error.
Every account is provided with separate keys for testing and for running live transactions. All API requests exist in either test or live mode, and objects—customers, plans, coupons, and so forth—in one mode cannot be manipulated by objects in the other.
There are also two types of API keys: publishable and secret.
Publishable API keys are meant solely to identify your account with Stripe, they aren’t secret. In other words, they can safely be published in places like your Stripe.js JavaScript code, or in an Android or iPhone app.
Secret API keys should be kept confidential and only stored on your own servers. Your account’s secret API key can perform any API request to Stripe without restriction.
Each account has a total of four keys: a publishable and secret key pair for test mode and live mode.
Your API keys are always available in the Dashboard. For your convenience, your test API keys for your account are:
Key
Value
Publishable
pk_test_TYooMQauvdEDq54NiTphI7jx
Secret
sk_test_4eC39HqLyjWDarjtT1zdp7dc
The test and live modes function almost identically, with a few necessary differences:
In test mode, payments are not processed by card networks or payment providers, and only our test payment information can be used.
Some payment methods using Sources have a more nuanced flow in live mode, with more steps required than those in test mode.
Disputes also have a more nuanced flow in live mode and a simpler testing process.
Webhooks that were not successfully acknowledged are retried three times over a few hours (as opposed to 72 hours for live mode).
If an API key is compromised, roll the key in the Dashboard to block it and generate a new one.
STRIPE_KEY="app_key"
STRIPE_SECRET="app_secret"