As an API caller, I'd like to make refunds on chained payments where I am a secondary receiver. For this I need permission from the primary receiver.
If I'm right I need to use the permission API's RequestPermissionsRequest with REFUND scope to get permission and use the response token with the verification code of the paypal redirect (after user gives us the permission) to execute a GetAccessTokenRequest to receive an access token.
My question is how to use this token with the RefundRequest call?
I found the answer in the source+examples of the permission API. To use the access token, you have to create a SignatureCredential from your own API settings and then create a ThirdPartyAuthorization from the access token. Set the ThirdPartyAuthorization into the SignatureCredential and use the SignatureCredential as parameter for the PermissionService calls. Example code
The interesting part is that with the AdaptivePaymentsService this credential doesn't work. For example if you have the permission to do refunds, you can simply call AdaptivePaymentsService.refund without the credential parameter and PayPal will remember that you have permission or not.
Thank you paypal for the consistent, well documented, easy to use API! :)