I implement 'account deletion notification' on php project.
I got public key from getPublicKey but I can not verification it as manual validation
The following procedure can be used to manually process the notification and validate the message payload integrity:
- Use a Base64 function to decode the X-EBAY-SIGNATURE header and retrieve the public key ID and the signature. -- Done
- Call the getPublicKey Notification API method, passing in the public key ID ("kid") retrieved from the decoded signature header. -- Done
- Initialize the cryptographic library to perform the verification with the public key that is returned from the getPublicKey method.
Please advise how to process on 3.
Thanks in advance