My first example--called "10" like BASIC lines were numbered--has all of the setup details.
Example 4 has variable pricing.
Now the goal is to get server-side control. That is, to verify a purchase from my server directly to PayPal. Otherwise put, one should never believe anything that comes from the browser / client. At least, not in this context.
Make the first "Get an Access Token" call. That results in JSON that includes "access_token":"A21AAL... [80 characters, I think]"
curl -v -X GET "https://api-m.sandbox.paypal.com/v2/checkout/orders/8DC73665752701203" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer A21AAL"
That gives you JSON that will confirm (or deny) the order's completion, amount, shipping address, etc.