So what do you use the secret key for ?
I'm developing using WordPress/Php and got a bit annoyed at the various Paypal plugins not doing exacly what I wanted them to, so I wrote my own plugin which works perfectly. I can get any interaction I want within my applications.
I'm using Paypal checkout, but my implementation only uses the public key. Most PayPal plugins I've seen you have to provide both the public and private keys. It just dawned on me that I'm not using the private key.
My question is what do I do with the private key ?
Do I need to use it. I've been through the paypal documentation and although there is lots of documentation about the private key, there is nothing that says you have to use it. Should I be bothered about not using it.
If you are referring to the REST API
clientidandsecret, the secret is used for server-side API communication with PayPal.If your integration is not doing any server-side API communication with PayPal, then you won't be using it for anything.
Server-side integrations are more robust, and require a developer with the knowledge and ability to implement them. Here is a front-end UI pattern that would communicate with 2 server-side routes: https://developer.paypal.com/demo/checkout/#/pattern/server
Those routes would need to be created on the server, and implement the appropriate business logic as well as do API calls to PayPal, using the clientid and secret, to 'Set Up Transaction' and 'Capture Transaction', respectively. Here is information on that: https://developer.paypal.com/docs/checkout/reference/server-integration/