PayPal OpenID Implementation details

Follow up to the previous entry for PayPal OpenID provider:

Main Links

OpenID Endpoint https://www.paypal.com/webapps/auth/server
OpenID Identifier https://www.paypal.com/webapps/auth/server
This should return the XRDS that can be used to discover the end point)
Docs Link https://www.x.com/community/ppx/xspaces/identity
Submit RP for whitelisting https://www.x.com/create-appvetting-app!input.jsp


Simple Registration (
http://openid.net/sreg/1.0)

Prefix http://openid.net/sreg/1.0
openid.sreg.required email,fullname,dob,postcode,country,language,
timezone

 

Attribute Exchange (http://openid.net/srv/ax/1.0)
Generic Attributes

first name http://axschema.org/namePerson/first
last name http://axschema.org/namePerson/last
email http://axschema.org/contact/email
full name http://schema.openid.net/contact/fullname
dob http://axschema.org/birthDate
postcode http://axschema.org/contact/postalCode/home
country
http://axschema.org/contact/country/home
language
http://axschema.org/pref/language
timezone
http://axschema.org/pref/timezone
street1
http://schema.openid.net/contact/street1
street2
http://schema.openid.net/contact/street2
city
http://axschema.org/contact/city/home
state
http://axschema.org/contact/state/home
phone http://axschema.org/contact/phone/default


PayPal Specific Attributes

Verified Account https://www.paypal.com/webapps/auth/schema/verifiedAccount
Payer ID https://www.paypal.com/webapps/auth/schema/payerID

PAPE (http://specs.openid.net/extensions/pape/1.0)

preferred_auth_policies  

 

 

http://schemas.openid.net/pape/policies/2007/06/phishing-resistant 

http://schemas.openid.net/pape/policies/2007/06/multi-factor

http://schemas.openid.net/pape/policies/2007/06/multi-factor-physical

max_auth_age [ integer value greater than or equal to zero in seconds]
preferred_auth_level_types papeauthlevel1 papeauthlevel2
auth_level.ns.papeauthlevel1 http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
auth_level.ns.papeauthlevel2 http://www.jisa.or.jp/spec/auth_level.html

3 Responses to “PayPal OpenID Implementation details”

  1. Anil John says:

    How exactly do you configure Paypal to be an OpenID provider? The paypal-ids.com link seems to be dead.

  2. Karsten says:

    Would you know the openid endpoints for the sandbox?

  3. Ashish Jain says:

    Disclaimer – I’m not with PayPal anymore.
    Anil – paypal-ids has been deprecated. PayPal.com can now act as the endpoint. Reach out to @paypalx for sample code.

    Karsten – OpenID endpoint wasn’t available for sandbox.

Leave a Reply

Image | WordPress Themes