PayPal

What you need

Why we ask for each field

Client ID

Identifies your PayPal app on API calls. It works only when paired with the Client secret.

Client secret

The private half of API auth. With the Client ID, it lets us create the order, so the payment runs through your account.

Webhook ID

How we confirm a webhook is genuinely from PayPal: PayPal identifies each webhook by an ID, and we use it to ask PayPal directly whether a given message is authentic. That stops anyone from forging a "paid" event.

Success and Cancel URL

Plain settings: where the buyer lands after paying or backing out. Not secret.

Set up

1. Open the PayPal Developer dashboard

   Sign in at developer.paypal.com. PayPal gives you a free Sandbox with fake business and buyer accounts, so you can test without moving real money. This guide walks the Sandbox; the Live flow is identical, just flip the Sandbox / Live toggle (top left) and use a PayPal for Business account. From the dashboard, open Apps & Credentials.

   ⤢
2. Create an app

   On the API Credentials page, confirm the Sandbox toggle is selected, then click Create App (top right).

   ⤢
3. Name it and choose Merchant

   Enter an App Name (for example "Coin Moebius"), leave the Type on Merchant, pick your sandbox business account, and click Create App.

   ⤢
4. Copy your Client ID and Client secret

   PayPal opens your new app. Copy the Client ID and reveal and copy the Secret key. (You can also copy both from the Default Application row on the API Credentials list.) Set them aside.

   ⤢

   ⤢

   The Client secret is secret, treat it like a password. The sandbox app and live app each have their own pair, so do not mix them.

5. Add a webhook

   Scroll down the app page to the Sandbox Webhooks section and click Add Webhook. In the Webhook URL field, paste your project’s PayPal webhook address (below). Then choose the events Coin Moebius listens for, and Save.

   • One-time payments: CHECKOUT.ORDER.APPROVED, PAYMENT.CAPTURE.COMPLETED, PAYMENT.CAPTURE.DENIED, PAYMENT.CAPTURE.DECLINED, PAYMENT.CAPTURE.REFUNDED, PAYMENT.CAPTURE.REVERSED, CUSTOMER.DISPUTE.CREATED.
   • Subscriptions (only if you sell them): BILLING.SUBSCRIPTION.ACTIVATED, BILLING.SUBSCRIPTION.UPDATED, BILLING.SUBSCRIPTION.CANCELLED, BILLING.SUBSCRIPTION.PAYMENT.FAILED, PAYMENT.SALE.COMPLETED. If you are not billing on a recurring basis, skip these.
   • In a hurry? Selecting All Events (the wildcard at the top) also works, we ignore anything we do not use.

   https://api.coinmoebius.com/webhook/paypal/<your project id>

   ⤢

   Your project ID sits under the project name in the Coin Moebius dashboard; drop it into the address above. The connected provider card (last step) shows the same URL for reference.

6. Copy the Webhook ID

   Your webhook now appears in the Sandbox Webhooks list. Copy the Webhook ID shown next to it. This is how Coin Moebius asks PayPal to confirm each webhook is genuine. Register a separate webhook in sandbox and in live.

   ⤢
7. Back in Coin Moebius: Add provider → PayPal

   In your project, open the Providers tab, click Add provider, choose Connect a service, and pick PayPal. Set your Success URL and Cancel URL. Testing with sandbox credentials? Use the Test (optional) tab and paste your Client ID, Client secret, and Webhook ID there, then click Save. Going straight to live? Use the Live tab. The Test group is all-or-nothing: all three fields, or none.

   ⤢
8. You are connected

   PayPal now appears on your Providers tab with the date it connected (tagged TEST when you used sandbox credentials). The card shows the same webhook URL you pasted into PayPal, plus Edit and Disconnect.

   ⤢
9. Test with a sandbox buyer

   To pay through a test checkout, you need your sandbox buyer login. In PayPal, open Testing Tools → Sandbox Accounts to see your fake Business and Personal accounts.

   ⤢
10. Get the buyer login details

    Open the Personal (buyer) account to view its Login Info: the sandbox URL, email, and password. Sign in at sandbox.paypal.com with those when a test checkout asks you to pay. No real money moves.

    ⤢

After you connect

Run one test payment before going live:

1. Create a product and set its Environment to Testing. That runs the product on your sandbox credentials, so you can place a full order without moving money. (If you skipped the sandbox set, a Testing product falls back to live, so add it first.)
2. Place the buy button on a page (a local HTML file works) pointed at your project.
3. Complete checkout by paying with your sandbox buyer account.
4. Open the Transactions tab. A new row appears, tagged Testing. When its status reaches succeeded, your credentials and webhook are both working end to end.

Switch the product Environment to Live when you are ready for real payments.

Troubleshooting

Start with Verify. In the dashboard, click Verify (or Verify test credentials for sandbox) to check your client credentials.

Verify fails.

Re-copy the Client ID and Client secret. The sandbox app and live app have different pairs, so do not mix them.

Payment completes but the order stays pending.

The Webhook ID must come from the same app and environment as your client credentials. Live credentials need the live webhook ID. Confirm the webhook URL matches.

Confirm it end to end.

PayPal Developer Dashboard → Webhooks Simulator: send a sample event to your webhook URL, then watch the order update.

Good to know

Rotating secrets. Generate a new client secret anytime, then paste it in. Secret fields stay blank on edit.

Questions? Join our Discord