Is there any way to use some paypal api for validation of username in paypal?
Google didn't give much :( and using such method isn't comfortable, cause there are too many requested parameters(for example, i know user's email, but i don't even want to know his adress,etc.).
PayPal doesn't provide such an API and for a very good reason.
Remember - it's being constantly under a lot of pressure from scammers around the world that are trying to steal other people's money. Just imagine the phishing power one might get by being able to pre-validate the email addresses to see if they really are current PayPal users and then crafting a targetted email attack on them...
Such an API (to see if a random email address is registered with a PayPal account holder) does not and never will exist for security reasons. With possibly one exception - "trusted partners", where PayPal partners up with a big and established entity and allows special API permissions (based on secure credentials), but this is not something a mere mortal could ever hope for.
Furthermore, if a workaround is discovered that allows to do just that - rest assured PayPal will patch that hole ASAP to avoid security breach.
Related
I am working on a project and my clients want to have the Message centre of Paypal integrated into their system so they won't need to log in every time on PayPal account to check their emails and reply.
I can not find any available option on their developer portal for a call similar to that. But I thought to ask here as may someone had better luck finding that.
Much appreciated.
There is a customer Disputes API for handling that part of backend administration. This is typically only useful for large/enterprise merchants.
Other things require logging into the account. User logins with specific/limited roles can be created.
I came from a similar state in this question.
My objective is to reply to interested customers via whatsapp messages. I'll use a very special setup, so I'll be using the API.
Reasons:
With not to pay anyone other than container hosts
Solution with custom API
Customer doesn't like any extra costs
Just like user noboundaries, I see the numbers, but I cant get the certificate
User Navjot Singh has explained I need to create a "business api account"
I tried just that, put out all my contacts and stuff, in this site.
They did respond yes, but only with pointless instructions, since I wish not to contract any messaging providers. I had taken a look at it, but they charge a very expensive price beyond the $0.005 whatsapp will charge. Also, the solution I'm creating requires messages to be sent programatically, and the partners don't seem to provide the correct solution.
So, I wish to skip into using the api. I followed the appropriate guides:
Getting started
Phone Number
I already got some things done:
two phone numbers (one of them for testing) with whatsapp business;
company has been verified, with domain
have business management account
local environment with docker
I can access the local environment and I have set an user account and the admin acount. I can log into those via the API, since postman can ignore certificates, but in order to proceed I really feel like I need that certificate.
So to sim up I guess I need help creating the whatsapp business account for my customer. Any advice?
Also i'd appreciate any other helpful insight or feedback. I really feel lost and I don't see a place where I can talk to people trying to do the same thing, or doing this is much of a madness after all?
thanks for getting to read until here, and I apologize for my non natural, almost broken English.
Hi I wanted to start big in stackOverflow but I fell flat.
About the subject at hand, westerday I dwelt deep into the rabbit hole.
For most companies, you actually are forced to work with a provider, such as twllio or messagebird. They act as intermediary between the facebook business and the whatsapp business api.
Some of they offer messaging separated from whatsapp api setup I still need to take a look into it, but for those who are trying to set up whatsapp business api on their one, it seems as of november 2020 it's not possible.
please check out:
respond.io's guide
blog post from take.net PT-BR (google translate didn't like me trying to translate this to English)
Does SendGrid support double opt-in to Lists as a feature or is that something we will have to implement for ourselves?
https://sendgrid.api-docs.io/v3.0/contacts-api-recipients/add-recipients
It doesn't appear to me to be anywhere in the docs, but I thought I'd ask in case I missed it.
Not as of the current date; I asked their support staff and received the following answer:
Double opt-in needs to be implemented by you in the form/page you're subscribing your recipients. The confirmation email can be sent through SendGrid.
For Marketing Campaigns we have the SendGrid’s WordPress Subscription Widget that makes it easy for people visiting your WordPress site to subscribe to your marketing emails;
or Building a SendGrid Subscription Widget.
I got this answer from their support. It turns out we have to implement it by ourselves.
The double opt-in functionality is not something SendGrid provides as
we expect our customers to handle any opt-in practices on their side.
We apologize for any inconvenience.
SendGrid will be GDPR compliant by May, 25, 2018. Please note that
SendGrid does not – and does not currently have plans to – use servers
or data centers in the European Union to process email. Thus, SendGrid
cannot restrict data to the EU. However, neither current EU law nor
the GDPR require this. Instead, what is required is that SendGrid must
provide "appropriate safeguards" for data that it hosts and processes
on its US servers (see Art 46 of the GDPR here). SendGrid offers a
Data Processing Addendum (DPA) to provide such adequate safeguards,
which includes provisions for when GDPR goes into effect.
More info on GDPR can be found here. Our DPA can be reviewed and
signed by filling out the information here.
They do not support it. I asked support many times, which is a strange as it would seem a company of that size could spare the dev resources to build a feature that literally all of their customers need.
However, https://sgwidget.com is a third party product that provides double opt in functionality for Sendgrid accounts.
Full Disclosure: I am a developer at SG Widget.
No, indeed still today, they do not. Not in their forms, nor in their API is there simple, flip-switchable support for double opt-in. But, with email automation fairly recently implemented in their marketing services ("free" and "advanced" plans, not "essential") you can send an automated email directly upon sign-up.
My solution is to have 2 lists for new contacts, where one is a "pre-confirmation" list and the other being the "real" list. Here´s a way to use automation:
Create initial signup form, either via their sparse Web forms or via your own, using HTML/JS/PHP and API endpoint:
Create 2 separate lists, one for "pre-confirmation" emails and the other for people who confirm their addresses.
Make the form sign up new contacts to the first list, "pre-confirmation".
Create a marketing automation flow that triggers upon new signups to the "pre-confirmation" list. Make the automation trigger an email that contains a button or a link with the following link structure:
https://yoursite.com?email=user#email.com&passphrase=[phrase-you-set-manually]
where ?email= is your user´s email, substitute this in the email template/design by {{ Sender_Email }}
where &passphrase= is a phrase long enough to not be guessed. Since you only have one single email design here, and you can only enter one single phrase, unless you make a script or a hash, you make it difficult enough for people to think it was generated by a server :).
On your server/application, yoursite.com, use $_POST['email'] and $_POST['passphrase'], or whatever you name them, to validate the email clicks from your list and then enter all validated emails to the correct list using the PUT
/marketing/contacts endpoint.
you may also have to delete the user from the previous list, using DELETE
/marketing/lists/{id}/contacts, but I do think that the PUT /marketing/contacts takes care of placing the contact in only the lists specified in the list_ids field.
once the contact has been entered into the correct list, you can also have a marketing automation set up for that list, which sends him/her a welcome message.
This method takes care of double opt-in for SendGrid without using one single email credit from the Email API (transactional plan). The only catch is that we utilize one initial and one second/final list to achieve it.
Note: the initial sign-up message that here acts as the "confirm your email" message, will be tied to the first list and will require a marketing unsubscribe link in the footer. Make it clear in the bottom of the email that it is a temporary list, to not get any spam complaints. But it will not be an issue, as we wont be sending to anyone in that list except for this initial time. Unless you have a user who enters his/her email twice, after some time of inactivity when they forgot they already signed up. That could happen. But it´s a separate issue.
I think this is possible by switching the flow of a typical email subscriber. When the user clicks your subscribe button, instead of calling the sendgrid members/contact PUT api to add to your list, send an email with a link to a URL of yours that will then trigger the members/contact PUT api call.
Not sure what stack you are using but I was able to build something like this with next.js utilizing their api routes
When I do a Paypal API signature request under business profile, the generated api is using my old website ---whateverAPI.my-old-website.com
I've updated all of my business information and see no instances of the old url in my paypal account or the developer or sandbox accounts.
I do not have the old login information for developer area where I created the original API information as it was changed to my new login/business.
I need to change the URL associated with my account so the api generated has the apicode.new-website.com
I know this is a low level expertise for most of you compared to what you are coding but I am completely stuck and have tried everything I can think of.
Thanks for taking the time to read!
When the API is first requested on an account, it is generated based on the email address associated with the account at the time. Even if you remove the email address and request new API credentials, it will still use that original email address. There is no need for concern, you only set this in your API call or in your shopping cart to use. Buyers are not going to see it or anything, and it's not something you would regularly share or have to use all that often. Once you set it in your code, you don't really mess with it again unless you need to set up the API credentials again.
If this question has already been asked, please comment so I can remove it.
I'm aware of the advantages of email verification, especially in regard to spamming (which could easily kill me since most of the functionality is in posting comments).
I'm contemplating the removal of email account verification for the application I'm currently building. This is for numerous reasons:
I've noticed other apps/websites
simply don't implement it.
It's far more user friendly then to
skew the user over to their email.
Since the application is moderate in scale and functionality, revisits are short-lived, some users may be inquisitive about it as to sign up, but some might feel it's an overkill to actually go through email verification.
App is not celebrated as to compel visitors to take effort, sign up and verify.
I know I'm getting into the gust of it, and while I'm writing this visitors could've verified their account for the gazillionth time; however, would you agree that for some moderately scaled applications an account verification might deter a casual visitor?
What measures do you personally prefer to undertake?
Why not use some form of federated ID like OpenID and such?
Verification is good if you plan to send email to them on a regular basis. Otherwise if it's just a casual site, you will probably need to offer something compelling to get them to register and provide you a valid email address.
Do you have something compelling?