- Documentation: https://developer.paypal.com/home/
- Summary: Paypal is a worldwide payment system that supports online money transfers. It operates as a payment processor for many online vendors or auction platforms among others. Applications can integrate with PayPal via OAuth2. The credentials are then used to get an access token for further REST API calls with authentication.
- IPs allowlist: Here is an interesting discussion about IP allowlisting with PayPal services.
- Scopes: Credentials scopes vary depending on the type of account associated to the credentials.
Application credentials can be revoked and rotated from the user dashboard, on the
My Apps & Credentials page, using the
Generate new secret button.
PayPal supports webhooks that can give hints on suspicious use of credentials: see here on the dashboard.
Category: Payment system
High recall: False
Validity check available: True
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 8.04
- type: FilenameBanlistPreValidator banlist_extensions: - ^(cs|x|p|s|r)?html5?~?$ - ^[aps]?cssc?~?$ - ^lock$ - ^mdx?~?$ - ^storyboard(c|er)?~?$ - ^xib$ banlist_filenames:  check_binaries: false- type: ContentWhitelistPreValidator patterns: - paypal
- text: PAYPAL_ID=AdGE8hDyixVoHmbhASqAThfbBcrbcgiJPBwlAM7u7Kfq3YU-iPGc6BXETtpt\nPAYPAL_SECRET=EPN0WxB5PaRaumTB1ZpCuTuqLqIlF6_EWUcAbZV99Eu86YeNBVm9KVsw_Ez5 client_id: AdGE8hDyixVoHmbhASqAThfbBcrbcgiJPBwlAM7u7Kfq3YU-iPGc6BXETtpt client_secret: EPN0WxB5PaRaumTB1ZpCuTuqLqIlF6_EWUcAbZV99Eu86YeNBVm9KVsw_Ez5