Consider the payment_status!
If the payment status is "awaiting" you have to redirect the user to the given redirect url, so he/she can finalize the payment.
Build up a session with the Session-API and submit only the session hash to this endpoint. The status of your session has to be "complete", so there must not be any errors in the session. Important: additional "payment"-data sent with the session will be ignored, you cannot combine these.
A session can only be processed once!
After a session was sucessfully processed, you cannot read or use it again.
After a redirect payment like PayPal there has to be a success/failure page. By default it's the embed url of your form with a status parameter. We recommend to submit a "success_redirect_url" and "failure_redirect_url" so these urls are taken for redirect.