Are you seeing the “Security Header is Not Valid” error at checkout? This PayPal error usually means your API credentials are incorrect. Keep reading for the steps to resolve the error and repair your membership checkout process.
Example of the Security Header is Not Valid PayPal Error
Below is a screenshot of what the “Security Header is Not Valid” error will look like in your membership site.
Troubleshooting the “Security Header is Not Valid” Error
The most common reason for the “Security Header is Not Valid” error is incorrect PayPal payment gateway credentials. Below is a list of steps to confirm you have entered the correct settings, as well as a few other possible edge cases that may help you resolve this error.
- Check your PayPal Environment
- Navigate to Memberships > Settings > Payment Settings.
- Make sure you are using the correct Account Email, API Username, API Password, and API signature for the environment you selected (Live or Sandbox).
- Your live and test API information will be different.
- Verify API Credentials
- For sites in the Live gateway environment:
- If you are confident that you have entered a set of Live credentials and your site is in Live mode, it is possible the credentials were not entered correctly.
- Reconfirm your gateway credentials by following the steps to set up PayPal Express here.
- Ensure there are no extra spaces when pasting credentials into your site settings.
- According to PayPal, API keys may expire after 3 years.
- For sites in the Sandbox gateway environment:
- If you are confident that you have entered a set of Sandbox credentials and your site is in Sandbox mode, it is possible the credentials were not entered correctly.
- Reconfirm your Sandbox gateway credentials by following the steps to test PayPal Express here.
- For sites in the Live gateway environment:
- Ensure Your Web Server Supports SSL/TLS
- Your site must have an up-to-date SSL certificate to communicate with PayPal securely.
- Your server must also support the TLS 1.2 protocol for encryption.
- Check Your Site Title in WordPress
- PayPal Express checkout shows the name of your site in a “back” link so customers can return to your site if they decide not to complete payment.
- If you do not have a Site Title set up, you must add one.
- Navigate to Settings > General in the WordPress admin.
- Make sure the “Site Title” is filled in.
- Save Settings.
- Check for Special Characters in Membership Levels
- PayPal can also break if you are using special characters in your Membership Level names.
- Navigate to Memberships > Settings > Levels.
- Remove symbols like
!@#$%from your membership names.
Get Support for Your Membership Site
Still stuck on the “Security Header is Not Valid” error? Our support team is here to help. If you have tried troubleshooting on your own but the issue persists, our expert support team can step in.
Visit our Support Page to learn about our support process. We are here to help you to resolve the problem so you can start accepting payments on your membership site.
