pub struct HttpRequestHeaders {
    pub accept: String,
    pub authorization: String,
    pub content_type: String,
    pub paypal_auth_assertion: Option<String>,
    pub client_client_metadata_id: Option<String>,
    pub paypal_partner_attribution_id: Option<String>,
    pub paypal_request_id: Option<String>,
    pub user_agent: String,
}
Expand description

The commonly used HTTP request headers

Fields§

§accept: String

The response format, which is required for operations with a response body.

§authorization: String

Required to get an access token or make API calls:

  • Get an access token partial:partials/docs/oauth-credentials.en-XC partial:partials/docs/access-tokens.en-XC partial:partials/docs/rest/bearer-token.en-XC
  • Make REST API calls

Include the access token in the Authorization header with the Bearer authentication scheme.

§content_type: String

The request format, which is required for operations with a request body.

§paypal_auth_assertion: Option<String>

An API client-provided JSON Web Token (JWT) assertion that identifies the merchant.

To use this header, you must get consent to act on behalf of a merchant. You might want to use a JWT if you act on behalf of multiple merchants at the same time, because it is difficult and expensive to generate and manage multiple access tokens. Instead of managing multiple access tokens, you can use this header to provide a JWT assertion that identifies the merchant when you call the API.

Constructing the JWT

While you can use either a signed or unsigned (unsecured) JWT, PayPal recommends using the unsigned JWT for simplicity because the information you pass with the JWT is not sensitive data.

A JWT consists of three parts:

  • Header: Identifies the algorithm that generated the signature. Because PayPal recommends an unsigned JWT, pass an alg of none for the header.
  • Payload: Defines a set of claims, or statements, about an entity. In the case of the PayPal-Auth-Assertion header, the entity is typically the merchant. The payload can contain iss, which identifies the third-party calling the API, and one of the following to identify the merchant for whom the call is made: email or payer_id. Note: Because a merchant’s email address can change, PayPal recommends using payer_id to specify a merchant.
  • Signature: Validates the token and consists of the encoded header, the encoded payload, a secret, and the algorithm. Because PayPal recommends an unsigned JWT, pass an empty string for the signature. Note: If you prefer a signed JWT, you can sign it using your secret from your API credentials.

Examples

JOSE header: “alg”: “none” Payload:

"iss": "client_id",
"payer_id": "merchant_payer_id"

Signature. Use “” for the unsigned case.

To pass the JWT easily in HTTP environments, use Base64 to encode all three parts of the JWT separately, then concatenate them with a period (.). The following code shows the previous example after Base64 encoding and compact serialization (or concatenation): ew0KICAiYWxnIjogIm5vbmUiDQp9.ew0KICAiaXNzIjogImNsaWVudF9pZCIsDQogICJwYXllcl9pZCI6ICJtZXJjaGFudF9wYXllcl9pZCINCn0=.

Refer to Issue a Refund in the PayPal Commerce Platform documentation for an example of using the PayPal-Auth-Assertion header in an API call.

§client_client_metadata_id: Option<String>

Verifies that the payment originates from a valid, user-consented device and application. Reduces fraud and decreases declines. Transactions that do not include a client metadata ID are not eligible for PayPal Seller Protection.

§paypal_partner_attribution_id: Option<String>

Optional. Identifies the caller as a PayPal partner. To receive revenue attribution, specify a unique build notation (BN) code. BN codes provide tracking on all transactions that originate or are associated with a particular partner. To find your BN code, see Code andCredential Reference.

§paypal_request_id: Option<String>

For example, a user calls refund captured payment with the PayPal-Request-Id header that contains a unique user-provided ID. The user can make the call again with the same ID in the PayPal-Request-Id header for up to 45 days because the server stores this ID for this long for this call.

If the initial call fails with the HTTP 500 status code but the server has already refunded the payment, the caller does not need to worry that the server will refund the payment again.

Note: Not all APIs support this header. To determine whether your API supports it and for information about how long the server stores the ID, see the reference for your API.

§user_agent: String

Implementations§

Trait Implementations§

Returns a copy of the value. Read more
Performs copy-assignment from source. Read more
Formats the value using the given formatter. Read more
Returns the “default value” for a type. Read more
Deserialize this value from the given Serde deserializer. Read more
Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Should always be Self
The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.
Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more