Paypal Token Key
Bridgecrew Policy ID: BC_GIT_84
Severity: MEDIUM
Paypal Token Key
Description
The OAuth 2.0 authentication protocol, which enables users to grant third-party applications access to their PayPal accounts without sharing their login credentials. When a user grants permission to a third-party application, PayPal issues an access token and a refresh token, which the application can use to access the user's PayPal account on their behalf.
Fix - Buildtime
PayPal
To revoke the key
- Log in to your PayPal account at www.paypal.com.
- Click on the "Settings" icon in the top right corner and select "Account Settings."
- Click on "API Access" under the "Integrations" section.
- Click on "Manage API credentials."
- Under the "NVP/SOAP API integration (Classic)" section, find the API credentials associated with the OAuth access token you want to revoke.
- Click on "Remove" next to the API credentials.
- Confirm that you want to revoke the access token by clicking "Remove" again in the pop-up window.
Updated 7 months ago