eBay / digital-signature-verification-ebay-api

Verification of digital signatures for use by developers sending HTTP requests to eBay's APIs
Apache License 2.0

Verify Digital Signatures for APIs #17

Closed ynaft closed 1 year ago

ynaft commented 1 year ago

We implemented the Digital Signatures for APIs but there is no way for us to test it, since all calls come back as valid.

How do you recommend we test this new requirement?

Thanks.

uherberg commented 1 year ago

@ynaft Have you tested the signatures with the docker container (i.e. this GitHub project) or on the eBay API? Note that on the eBay APIs, you need to set the x-ebay-enforce-signature header for now to enforce signature verification and also call one of the impacted APIs. Please review the detailed description at https://developer.ebay.com/develop/guides/digital-signatures-for-apis

ynaft commented 1 year ago

I did test it on the eBay API with x-ebay-enforce-signature : true and sent in dummy values as the key and still got back a 200.

requestMessage.Headers.Add("x-ebay-signature-key", "BLABLA");
requestMessage.Headers.Add("x-ebay-enforce-signature", "true");

The API that I tested it on was https://developer.ebay.com/api-docs/sell/finances/resources/payout/methods/getPayouts

uherberg commented 1 year ago

Okay, thanks. I will have a look.

ynaft commented 1 year ago

@uherberg Had a chance to look into it?

uherberg commented 1 year ago

@ynaft Apologies for the delayed response. The x-ebay-enforce-signature header is no longer required. As soon as the seller is a European seller, the signature will always be enforced. That includes the sandbox environment. Can you let me know if you still face this issue?

uherberg commented 1 year ago

Closing this issue for now. Feel free to reopen if it isn't resolved for you yet.