PayPal
Get your PayPal Credentials
To integrate with PayPal, you need to obtain API credentials by creating an application in the PayPal Developer Portal.
Follow these steps:
- Create an account on the PayPal Developer Portal
- Create a new application, official docs
- Configure Log in with PayPal under "Other features"
- Set up your Return URL (redirect URL)
- Configure user information permissions
- Note your Client ID and Client Secret
- PayPal has two environments: Sandbox (for testing) and Live (for production)
- For testing, create sandbox test accounts in the Developer Dashboard under "Sandbox" → "Accounts"
- You cannot use your real PayPal account to test in sandbox mode - you must use the generated test accounts
- The Return URL in your PayPal app settings must exactly match your redirect URI
- The PayPal API does not work with localhost. You need to use a public domain for the redirect URL and HTTPS for local testing. You can use NGROK or another similar tool for this.
Make sure to configure "Log in with PayPal" in your app settings:
- Go to your app in the Developer Dashboard
- Under "Other features", check "Log in with PayPal"
- Click "Advanced Settings"
- Enter your Return URL
- Select the user information you want to access (email, name, etc.)
- Enter Privacy Policy and User Agreement URLs
- PayPal doesn't use traditional OAuth2 scopes in the authorization URL. Instead, you configure permissions directly in the Developer Dashboard
- For live apps, PayPal must review and approve your application before it can go live, which typically takes a few weeks
Configure the provider
To configure the provider, you need to import the provider and pass it to the socialProviders option of the auth instance.
import { betterAuth } from "better-auth"
export const auth = betterAuth({
socialProviders: {
paypal: {
clientId: process.env.PAYPAL_CLIENT_ID as string,
clientSecret: process.env.PAYPAL_CLIENT_SECRET as string,
environment: "sandbox", // or "live" for production //,
},
},
})Options
The PayPal provider accepts the following options:
environment:'sandbox' | 'live'- PayPal environment to use (default:'sandbox')requestShippingAddress:boolean- Whether to request shipping address information (default:false)
export const auth = betterAuth({
socialProviders: {
paypal: {
clientId: process.env.PAYPAL_CLIENT_ID as string,
clientSecret: process.env.PAYPAL_CLIENT_SECRET as string,
environment: "live", // Use "live" for production
requestShippingAddress: true, // Request address info
},
},
})Sign In with PayPal
To sign in with PayPal, you can use the signIn.social function provided by the client. The signIn function takes an object with the following properties:
provider: The provider to use. It should be set topaypal.
import { createAuthClient } from "better-auth/client"
const authClient = createAuthClient()
const signIn = async () => {
const data = await authClient.signIn.social({
provider: "paypal"
})
}Additional Options:
environment: PayPal environment to use.- Default:
"sandbox" - Options:
"sandbox"|"live"
- Default:
requestShippingAddress: Whether to request shipping address information.- Default:
false
- Default:
scope: Additional scopes to request (combined with default permissions).- Default: Configured in PayPal Developer Dashboard
- Note: PayPal doesn't use traditional OAuth2 scopes - permissions are set in the Dashboard For more details refer to the Scopes Reference
mapProfileToUser: Custom function to map PayPal profile data to user object.getUserInfo: Custom function to retrieve user information. For more details refer to the User ReferenceverifyIdToken: Custom ID token verification function.