IP of donation
You have to provide the IP of the user (not of your server!). This is required to block spamming users/bots, otherwise your server will be blocked!
If everything went successfully you get a Transaction JSON in return. Otherwise you get a Errors JSON and you have to handle or show the errors to your user.
Consider the payment_status!
If the payment status is "awaiting" you have to redirect the user to the given redirect url, so he/she can finalize the payment.
Processing a session
Build up a session with the Session-API and submit only the session hash to this endpoint. The status of your session has to be "complete", so there must not be any errors in the session. Important: additional "payment"-data sent with the session will be ignored, you cannot combine these.
A session can only be processed once!
After a session was sucessfully processed, you cannot read or use it again.
Success and failure URL
After a redirect payment like PayPal there has to be a success/failure page. By default it's the embed url of your form with a status parameter. We recommend to submit a "success_redirect_url" and "failure_redirect_url" so these urls are taken for redirect.