Sample code for 30+ languages & platforms
SQL Server

PayPal - Store Credit Card in Vault

See more PayPal Examples

Saves the buyer's credit card information to PayPal's vault. This avoids storing credit card details on your server and thus PCI compliance is no longer an issue.

Note: For sandbox calls, you can use the credit card numbers provided in your sandbox test accounts.

Note: This example requires Chilkat v9.5.0.65 or greater.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- Note: Requires Chilkat v9.5.0.65 or greater.

    -- This requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- Load our previously obtained access token. (see PayPal OAuth2 Access Token)
    DECLARE @jsonToken int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jsonToken OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    EXEC sp_OAMethod @jsonToken, 'LoadFile', @success OUT, 'qa_data/tokens/paypal.json'

    -- Build the Authorization request header field value.
    DECLARE @sbAuth int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbAuth OUT

    -- token_type should be "Bearer"
    EXEC sp_OAMethod @jsonToken, 'StringOf', @sTmp0 OUT, 'token_type'
    EXEC sp_OAMethod @sbAuth, 'Append', @success OUT, @sTmp0
    EXEC sp_OAMethod @sbAuth, 'Append', @success OUT, ' '
    EXEC sp_OAMethod @jsonToken, 'StringOf', @sTmp0 OUT, 'access_token'
    EXEC sp_OAMethod @sbAuth, 'Append', @success OUT, @sTmp0

    -- Make the initial connection.
    -- A single REST object, once connected, can be used for many PayPal REST API calls.
    -- The auto-reconnect indicates that if the already-established HTTPS connection is closed,
    -- then it will be automatically re-established as needed.
    DECLARE @rest int
    EXEC @hr = sp_OACreate 'Chilkat.Rest', @rest OUT

    DECLARE @bAutoReconnect int
    SELECT @bAutoReconnect = 1
    EXEC sp_OAMethod @rest, 'Connect', @success OUT, 'api.sandbox.paypal.com', 443, 1, @bAutoReconnect
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @rest, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @jsonToken
        EXEC @hr = sp_OADestroy @sbAuth
        EXEC @hr = sp_OADestroy @rest
        RETURN
      END

    -- ----------------------------------------------------------------------------------------------
    -- The code above this comment could be placed inside a function/subroutine within the application
    -- because the connection does not need to be made for every request.  Once the connection is made
    -- the app may send many requests..
    -- ----------------------------------------------------------------------------------------------

    -- Build the JSON containing the credit card data.
    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    EXEC sp_OASetProperty @json, 'EmitCompact', 0
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'payer_id', 'user12345'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'type', 'visa'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'number', '4032031087659974'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'expire_month', '9'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'expire_year', '2021'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'first_name', 'Joe'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'last_name', 'Shopper'

    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    PRINT @sTmp0

    -- The JSON created by the above code is this:

    -- 	{ 
    -- 	  "payer_id": "user12345",
    -- 	  "type": "visa",
    -- 	  "number": "4032031087659974",
    -- 	  "expire_month": "9",
    -- 	  "expire_year": "2021",
    -- 	  "first_name": "Joe",
    -- 	  "last_name": "Shopper"
    -- 	}

    EXEC sp_OAMethod @sbAuth, 'GetAsString', @sTmp0 OUT
    EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'Authorization', @sTmp0
    EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'Content-Type', 'application/json'

    -- Send the POST request containign the JSON in the request body, and get the JSON response.
    DECLARE @sbJsonRequest int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbJsonRequest OUT

    EXEC sp_OASetProperty @json, 'EmitCompact', 1
    EXEC sp_OAMethod @json, 'EmitSb', @success OUT, @sbJsonRequest
    DECLARE @sbJsonResponse int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbJsonResponse OUT

    EXEC sp_OAMethod @rest, 'FullRequestSb', @success OUT, 'POST', '/v1/vault/credit-card', @sbJsonRequest, @sbJsonResponse
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @rest, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @jsonToken
        EXEC @hr = sp_OADestroy @sbAuth
        EXEC @hr = sp_OADestroy @rest
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @sbJsonRequest
        EXEC @hr = sp_OADestroy @sbJsonResponse
        RETURN
      END

    EXEC sp_OASetProperty @json, 'EmitCompact', 0
    EXEC sp_OAMethod @json, 'LoadSb', @success OUT, @sbJsonResponse


    EXEC sp_OAGetProperty @rest, 'ResponseStatusCode', @iTmp0 OUT
    PRINT 'Response Status Code = ' + @iTmp0

    -- Did we get a 201 success response?
    EXEC sp_OAGetProperty @rest, 'ResponseStatusCode', @iTmp0 OUT
    IF @iTmp0 <> 201
      BEGIN
        EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
        PRINT @sTmp0

        PRINT 'Failed.'
        EXEC @hr = sp_OADestroy @jsonToken
        EXEC @hr = sp_OADestroy @sbAuth
        EXEC @hr = sp_OADestroy @rest
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @sbJsonRequest
        EXEC @hr = sp_OADestroy @sbJsonResponse
        RETURN
      END

    -- a sample JSON response is shown below.
    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    PRINT @sTmp0

    -- // The "id" is what will be used to create a payment with the stored credit card.

    EXEC sp_OAMethod @json, 'StringOf', @sTmp0 OUT, 'id'
    PRINT 'card ID: ' + @sTmp0

    PRINT 'success.'

    -- ---------------------------------------------------------
    -- A sample JSON response:

    -- 	{ 
    -- 	  "id": "CARD-52W84623JH8043102LA3CLGA",
    -- 	  "state": "ok",
    -- 	  "payer_id": "user12345",
    -- 	  "type": "visa",
    -- 	  "number": "xxxxxxxxxxxx9974",
    -- 	  "expire_month": "9",
    -- 	  "expire_year": "2021",
    -- 	  "first_name": "Joe",
    -- 	  "last_name": "Shopper",
    -- 	  "valid_until": "2019-11-23T00:00:00Z",
    -- 	  "create_time": "2016-11-23T23:26:16Z",
    -- 	  "update_time": "2016-11-23T23:26:16Z",
    -- 	  "links": [
    -- 	    { 
    -- 	      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-52W84623JH8043102LA3CLGA",
    -- 	      "rel": "self",
    -- 	      "method": "GET"
    -- 	    },
    -- 	    { 
    -- 	      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-52W84623JH8043102LA3CLGA",
    -- 	      "rel": "delete",
    -- 	      "method": "DELETE"
    -- 	    },
    -- 	    { 
    -- 	      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-52W84623JH8043102LA3CLGA",
    -- 	      "rel": "patch",
    -- 	      "method": "PATCH"
    -- 	    }
    -- 	  ]
    -- 	

    EXEC @hr = sp_OADestroy @jsonToken
    EXEC @hr = sp_OADestroy @sbAuth
    EXEC @hr = sp_OADestroy @rest
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @sbJsonRequest
    EXEC @hr = sp_OADestroy @sbJsonResponse


END
GO