PayPal API eror – trying to retrieve Paypal Email Address and verification status | Error 400

I’m trying to have my application using React, trying to retrieve the users PayPal Email address, but everything I do returns an ‘Error 400 – Bad Request – Unable to fetch details to serve the request’.

Any idea why? I have double checked my return URI in PayPal, as well as my client / secret ID’s.

My backend:

export const handlePaypalOAuthCallback = async (req, res) => {
  try {
    const { code, state } = req.query;
    console.log('PayPal callback received:', { 
      code: code ? 'present' : 'missing',
      state: state ? 'present' : 'missing',
      fullQuery: req.query 
    if (!code) {
      throw new Error('Authorization code not received');

    if (!state) {
      throw new Error('User ID not received in state parameter');

    const CLIENT_ID = "xxx";
    const CLIENT_SECRET = "xxx";
      console.error('Missing PayPal credentials');
      throw new Error('Server configuration error');

    const auth = Buffer.from(`${CLIENT_ID}:${CLIENT_SECRET}`).toString('base64');

    console.log('Preparing token request:', {
      url: '',
      grantType: 'authorization_code',
      hasCode: !!code,
      hasAuth: !!auth,
      redirectUri: '<my return uri>/api/paypal/oauth/callback'

    const params = new URLSearchParams();
    params.append('grant_type', 'authorization_code');
    params.append('code', code);
    params.append('redirect_uri', '');
    // Add these additional parameters
    params.append('scope', 'openid email');
    params.append('client_id', CLIENT_ID);
    params.append('client_secret', CLIENT_SECRET);

    try {
      // Get access token
      const tokenResponse = await
          headers: {
            'Authorization': `Basic ${auth}`,
            'Content-Type': 'application/x-www-form-urlencoded',
            'PayPal-Request-Id': `${}`,
            'Accept': 'application/json',
            'Accept-Language': 'en_US'

      console.log('Token response received:', {
        hasAccessToken: !!,
        status: tokenResponse.status,
        headers: tokenResponse.headers

      const accessToken =;

      // Log token details for debugging (first few chars only)
      console.log('Access token details:', {
        prefix: accessToken.substring(0, 10),
        length: accessToken.length,

      if (!accessToken || typeof accessToken !== 'string') {
        throw new Error('Invalid access token received from PayPal');

      // Make the userInfo request with proper authorization header
      const userInfoResponse = await axios.get(
        '',  // Changed URL
          headers: {
            'Authorization': `Bearer ${accessToken}`,
            'Content-Type': 'application/json',
            'Accept': 'application/json',
            'PayPal-Request-Id': `${}`,

      // Log successful userInfo response
      console.log('User info response received:', {
        status: userInfoResponse.status,
        hasData: !!,
        dataKeys: Object.keys(

      const paypalEmail =;
      if (!paypalEmail) {
        throw new Error('PayPal email not received in user info response');

      // Update user with PayPal email
      const userId = state;
      const user = await UserModel.findById(userId);
      if (!user) {
        throw new Error('User not found');

      user.paypalEmail = paypalEmail;
      user.paypalVerified = true;

      console.log('User PayPal email updated successfully:', {
        userId: user._id,
        verified: true

      // Redirect back to frontend with success
    } catch (error) {
      // Enhanced error logging
      console.error('API request failed:', {
        status: error.response?.status,
        statusText: error.response?.statusText,
        data: error.response?.data,
        message: error.message,
        headers: error.response?.headers,
        config: {
          url: error.config?.url,
          method: error.config?.method,
          headers: {
            Authorization: error.config?.headers?.Authorization 
              ? `${error.config.headers.Authorization.substring(0, 10)}...` 
              : 'missing'
        wwwAuthenticate: error.response?.headers?.['www-authenticate']
      throw error;

  } catch (error) {
    console.error('PayPal OAuth error:', {
      message: error.message,
      response: error.response?.data,
      status: error.response?.status,
      statusText: error.response?.statusText

My frontend:

const PayPalLoginCard = () => {
  const { user, updateUserProfile } = useContext(AuthContext);
  const [isLoading, setIsLoading] = useState(false);
  const [error, setError] = useState('');
  const [successMessage, setSuccessMessage] = useState('');
  const location = useLocation();
  const navigate = useNavigate();

  useEffect(() => {
    // Handle OAuth response
    const searchParams = new URLSearchParams(;
    const paypalStatus = searchParams.get('paypal');
    if (paypalStatus === 'success') {
      setSuccessMessage('PayPal account connected successfully');
      // Remove query params
      navigate('/account', { replace: true });
    } else if (paypalStatus === 'error') {
      setError(searchParams.get('message') || 'Failed to connect PayPal account');
      navigate('/account', { replace: true });
  }, [location, navigate]);
  const handlePayPalLogin = () => {
    try {
      const PAYPAL_CLIENT_ID = "AYwuAs7zBcLHOCaCA0fmLsFKjZGY26T0hvN3KUgwu-uNIp44cpP1M5C_wB4lucVhlJ_BDuQwKUcEcAm-";
      const REDIRECT_URI = '';
      const userId = user?.id;
      if (!userId) {
        throw new Error('User ID not available');
      // Updated scopes and parameters
      const scopes = 'openid email';
      const authUrl = `${PAYPAL_CLIENT_ID}&response_type=code&scope=${scopes}&redirect_uri=${encodeURIComponent(REDIRECT_URI)}&state=${userId}&nonce=${}`;
      window.location.href = authUrl;
    } catch (error) {
      console.error('Error initiating PayPal login:', error);
      setError(error.message || 'Failed to initiate PayPal login');

  const handleDisconnect = async () => {
    try {
      const response = await
          headers: {
            Authorization: `Bearer ${localStorage.getItem('token')}`,
      if ( {
        await updateUserProfile({ paypalEmail: null });
        setSuccessMessage('PayPal account disconnected successfully');
    } catch (error) {
      setError('Failed to disconnect PayPal account');
    } finally {

I have verified my Client/Secret ID, I have triple checked my return URI.