{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "#/components/schemas/verify_webhook_signature", "title": "Verify Webhook Signature", "type": "object", "description": "A verify webhook signature request.", "properties": { "auth_algo": { "type": "string", "maxLength": 100, "pattern": "^[a-zA-Z0-9]+$", "description": "The algorithm that PayPal uses to generate the signature and that you can use to verify the signature. Extract this value from the `PAYPAL-AUTH-ALGO` response header, which is received with the webhook notification." }, "cert_url": { "type": "string", "maxLength": 500, "format": "uri", "description": "The X.509 public key certificate. Download the certificate from this URL and use it to verify the signature. Extract this value from the `PAYPAL-CERT-URL` response header, which is received with the webhook notification." }, "transmission_id": { "type": "string", "maxLength": 50, "pattern": "^(?!\\d+$)\\w+\\S+", "description": "The ID of the HTTP transmission. Contained in the `PAYPAL-TRANSMISSION-ID` header of the notification message." }, "transmission_sig": { "type": "string", "maxLength": 500, "pattern": "^(?!\\d+$)\\w+\\S+", "description": "The PayPal-generated asymmetric signature. Appears in the `PAYPAL-TRANSMISSION-SIG` header of the notification message." }, "transmission_time": { "type": "string", "maxLength": 100, "format": "date-time", "description": "The date and time of the HTTP transmission, in [Internet date and time format](https://tools.ietf.org/html/rfc3339#section-5.6). Appears in the `PAYPAL-TRANSMISSION-TIME` header of the notification message." }, "webhook_id": { "type": "string", "maxLength": 50, "pattern": "^[a-zA-Z0-9]+$", "description": "The ID of the webhook as configured in your Developer Portal account." }, "webhook_event": { "$ref": "#/components/schemas/event" } }, "required": [ "auth_algo", "cert_url", "transmission_id", "transmission_sig", "transmission_time", "webhook_id", "webhook_event" ] }