PayPal OAuth2 Keys
Description
General
- Documentation: https://developer.paypal.com/home/
- Summary: Paypal is a worldwide payment system that supports online money transfers. It operates as a payment processor for many online vendors or auction platforms among others. Applications can integrate with PayPal via OAuth2. The credentials are then used to get an access token for further REST API calls with authentication.
- IPs allowlist: Here is an interesting discussion about IP allowlisting with PayPal services.
- Scopes: Credentials scopes vary depending on the type of account associated to the credentials.
Revoke the secret
Application credentials can be revoked and rotated from the user dashboard, on the My Apps & Credentials page, using the Generate new secret button.
Check for suspicious activity
PayPal supports webhooks that can give hints on suspicious use of credentials: see here on the dashboard.
Details for Paypal oauth2
Family: Api
Category: Payment system
Company: PayPal
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 2
Occurrences found for one million commits: 15.62
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- paypal
- type: ContentWhitelistPreValidator
patterns:
- id
- type: ContentWhitelistPreValidator
patterns:
- secret
- type: ContentWhitelistPreValidator
patterns:
- a[a-z0-9_-]{59}
Examples
- text: PAYPAL_ID=AdGE8hDyixVoHmbhASqAThfbBcrbcgiJPBwlAM7u7Kfq3YU-iPGc6BXETtpt\nPAYPAL_SECRET=EPN0WxB5PaRaumTB1ZpCuTuqLqIlF6_EWUcAbZV99Eu86YeNBVm9KVsw_Ez5
client_id: AdGE8hDyixVoHmbhASqAThfbBcrbcgiJPBwlAM7u7Kfq3YU-iPGc6BXETtpt
client_secret: EPN0WxB5PaRaumTB1ZpCuTuqLqIlF6_EWUcAbZV99Eu86YeNBVm9KVsw_Ez5
- text: PAYPAL_ID=AdGE8hDyixVoHmbhASqAThfbBcrbcgiJPBwlAM7u7Kfq3YU-iPGc6BXETtpt\nPAYPAL_SECRET=EPN0WxB5PaRaumTB1ZpCuTuqLqIlF6_EWUcAbZV99Eu86YeNBVm9KVsw_Ez5
client_id: AdGE8hDyixVoHmbhASqAThfbBcrbcgiJPBwlAM7u7Kfq3YU-iPGc6BXETtpt
client_secret: EPN0WxB5PaRaumTB1ZpCuTuqLqIlF6_EWUcAbZV99Eu86YeNBVm9KVsw_Ez5
Details for Paypal oauth2 base64
Family: Api
Category: Payment system
Company: PayPal
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 0.31
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- paypal
- type: ContentWhitelistPreValidator
patterns:
- '[a-z0-9]{215}='
- '[a-z0-9]{162}[a-z0-9=]='
Examples
- text: |
cy.request({
method: 'POST',
url: 'https://api.paypal.com/v1/oauth2/token',
form: true,
headers: {
authorization: "Basic QVdMNkxmT3poRWZISGJWYjhES0lnUWYtWkNQSG80UzJXdnRMT09HT1lZX2g4MVpXYWEzRlBZR3c1LWtDX19acHYyU0ZEMW43dmFqV3dzOW86RUVQblp0MlI5NEhnWFM0SGROYmpmdmQ1Q0ZLczJ5cEMxQzQ1Zl9wRHpDUGwySDgyVmhYWk5TdndsQjR1YjBBeXF4MDhpcUpaQ3RXUTJIR0Y="
},
body: {
grant_type: "client_credentials"
},
})
client_id: QVdMNkxmT3poRWZISGJWYjhES0lnUWYtWkNQSG80UzJXdnRMT09HT1lZX2g4MVpXYWEzRlBZR3c1LWtDX19acHYyU0ZEMW43dmFqV3dzOW8
client_secret: RUVQblp0MlI5NEhnWFM0SGROYmpmdmQ1Q0ZLczJ5cEMxQzQ1Zl9wRHpDUGwySDgyVmhYWk5TdndsQjR1YjBBeXF4MDhpcUpaQ3RXUTJIR0Y
- text: |
cy.request({
method: 'POST',
url: 'https://api.paypal.com/v1/oauth2/token',
form: true,
headers: {
authorization: "Basic QVdMNkxmT3poRWZISGJWYjhES0lnUWYtWkNQSG80UzJXdnRMT09HT1lZX2g4MVpXYWEzRlBZR3c1LWtDX19acHYyU0ZEMW43dmFqV3dzOW86RUVQblp0MlI5NEhnWFM0SGROYmpmdmQ1Q0ZLczJ5cEMxQzQ1Zl9wRHpDUGwySDgyVmhYWk5TdndsQjR1YjBBeXF4MDhpcUpaQ3RXUTJIR0Y="
},
body: {
grant_type: "client_credentials"
},
})
client_id: QVdMNkxmT3poRWZISGJWYjhES0lnUWYtWkNQSG80UzJXdnRMT09HT1lZX2g4MVpXYWEzRlBZR3c1LWtDX19acHYyU0ZEMW43dmFqV3dzOW8
client_secret: RUVQblp0MlI5NEhnWFM0SGROYmpmdmQ1Q0ZLczJ5cEMxQzQ1Zl9wRHpDUGwySDgyVmhYWk5TdndsQjR1YjBBeXF4MDhpcUpaQ3RXUTJIR0Y
