PayPal Website Payments Pro

From WHMCS Documentation

Revision as of 17:19, 7 April 2017 by John (talk | contribs) (Undo revision 22215 by John (talk))
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Supported Features

Type One Time Recurring Refunds 3D Secure
Credit Card Yes Yes Yes Yes


To activate the module, begin by going to Setup > Payments > Payment Gateways and choosing "PayPal Website Payments Pro" from the available list of gateways to activate. Complete the first 3 fields using the details provided by PayPal (API Username, API Password, and API Signature) and click Save Changes to start accepting payments.

3D Secure

The next 3 fields in the configuration are: Processor ID, Merchant ID & Transaction PW. These are used by the 3D Secure process. PayPal Pro Accounts are usually enrolled for this by default these days and if you have been enrolled, PayPal will have provided you with the details for it.

If they haven't or you don't want to use the 3D Secure feature, then simply leaving these fields blank in WHMCS will disable the 3D Secure process, and mean it is not used during the checkout process on your site.

API Details

PayPal API Step 1

Once activated, you then need to enter your details for the Payflow Pro API. These can be found as described below.

  1. Login to PayPal
  2. Go to Profile > My selling preferences > API Access
PayPal API Step 2
  1. Choose Option 2 - Request API credentials to create your own API username and password.
  2. Choose Option 1 - Request API Signature and click Agree and Submit
  3. Copy the username, password and signature that get provided and then click Done
  4. Enter the details from the previous step into the WHMCS Payment Gateways config screen where requested

Reference Payments

This feature helps reduce your PCI compliance liability. Instead of storing card details in the WHMCS database the ID of the last transaction is used to make repeat charges. The limitation with remote card number storage is that changing payment gateway would require clients to re-enter their card details.

Contrary to what you might think, you should not tick the setting to "Disable Credit Card Storage" in Setup > General Settings > Security as that will disable entry by a client.

Supported Features

Type One Time Recurring Refunds 3D Secure
Token Yes Yes Yes No
Remote Update Card Remote Delete Card
No No


PayPal applies a time limit on how long you can repeat against a transaction, so 24 months after the original payment you will see a Referenced transaction or order is too old error. the solution is simply for a client to login and submit payment manually which will generate a new transaction that further repeats can be made against, and any time a client pays manually via the client area, that will be stored as the most recent transaction for any further repeats to be made against. The standard "Credit Card Payment Declined" email template will send to a client when the capture fails due to the expired reference transaction.

Server Modules
cPanel/WHM - DirectAdmin - Plesk - Helm 3 - Helm 4 - Ensim - InterWorx - WebsitePanel - Cloudmin - VePortal
Lxadmin - Virtualmin Pro - XPanel - HyperVM - FluidVM - SolusVM - Cloudmin - WHMSonic - VPS.Net
CentovaCast - SCPanel - MediaCP - GameCP - TCAdmin - Reseller Central - Auto Release - Heart Internet

Registrar Modules
Enom - ResellerClub - Nominet - OpenSRS - ResellOne - OnlineNIC - PlanetDomain - Affordable Domains
TPP Wholesale - TPPInternet - Stargate - Namecheap - NetEarthOne - Bizcn - InternetBS - GMO Internet
12Register - Registercom - DotDNS - WebNIC - Dot.TK - HexoNet - Realtime Register - Registereu
RRPProxy - ResellerCamp - TransIP - Heart Internet - IPMirror - NetRegistry - OVH - VentraIP Wholesale
Email - 101Domain

Fraud Modules
MaxMind - VariLogiX FraudCall - Telesign

Gateway Modules
2CheckOut - AsiaPay - Echeck - - CIM - Bank Transfer - BidPay
BluePay - BluePay Echeck - BluePay Remote - Boleto - CamTech - CashU - CC Avenue - ChronoPay
Cyberbit - Direct Debit - EEECurrency - E-Gold - EMatters - E-Path - eProcessingNetwork
eWAY Tokens - F2B - FastHosts - Finansbank - GarantiBank - Gate2Shop - LinkPoint
IMSP - Inpay - InternetSecure - IP.Pay - Kuveytturk - Modulo Moip - Mail In Payment
Merchant Partners - Merchant Warrior - IDEALMollie - Moneris - Moneris Vault
Skrill - SlimPay - My iDEAL - NaviGate - NETbilling - Netregistry Pay - NoChex - NTPNow
Offline Credit Card - Optimal Payments - PagSeguro - Payflow Pro - Pay Junction
Paymate AU and NZ - Payment Express - Paymex - PayPal - PayPal Express Checkout - PayPal Payments Pro (SecPay) - Payson - Payza - Planet Authorize - SagePay - ProtX VSP Form - PSIGate
Quantum Gateway - Quantum Vault - SagePay - SagePay Tokens - SecPay - SecurePay - SecurePay AU
Secure Trading - StormPay - TrustCommerce - USA ePay - WorldPay - WorldPay Invisible