cancel
Showing results for 
Search instead for 
Did you mean: 

Access Denied

I am trying to access this page apitest.authorize.net/soap/v1/Service.asmx?wsdl and I'm getting an access denied error.

 

Has anyone seen this before?

rbjohnson78
Contributor
26 REPLIES 26

Work fine for me. How are you accessing it?

RaynorC1emen7
Expert

@rbjohnson78 This is the first report we've seen of this error.

Could you provide me with the IP address(es) of the computer(s) where you see this error, please?

Also, had you been connecting to us previously? What sort of API calls, and how often?

 

Having that information might help us figure out the problem. Thanks in advance.

 

--
"Move fast and break things," out. "Move carefully and fix what you break," in.
Lilith
Administrator Administrator
Administrator

We have been connecting fine for a while, up until the change from SHA-1 to SHA-2. I have called a few times to our merchant and authorize.net, and they stated that they found we have upto 160 api calls per minute. We don't see any issues on our side, but it appears our IP is blacklisted.  Not sure where to go from here.

 

Our computers are coming from 216.66.77.166.

Hello @rbjohnson78

 

Using SSL Labs server test, I checked the server you specified using https://www.ssllabs.com/ssltest/analyze.html?d=aramarkdemo.renovosoftware.com

 

According to the results, your server is only configured for TLS 1.0 using SHA1.

 

RIchard

This is response I got from Authorize.net below...  The IP is our firewall, and I was told we have the latest certs installed. I get 2 different responses, so I'm not sure which direction to persue. If our IP is blocked and we could get that removed, and we are still having the issue, then I know I need to figure out some how to beef up the cert that is built in or something. 

 

Hello Robert,

 

We have found the issue. For this developer in Sandbox we have seen excessive amount of API calls and the IP address was blocked. We see this IP address submitting up to 160 calls every few minutes to Sandbox consistently.

 

You should only be posting to Sandbox API when testing code changes/updates or any new integration they are creating to our APIs. There shouldn?t be any need to constantly post to Sandbox in this volume.

 

Can you please provide any explanation as to the activity they are submitting to Sandbox on why they need to submit so many transactions like this so often? We would need this information before requesting the removal of their IP address from the block we have in place in Sandbox.

 

Thank you for contacting Customer Support.

 

Regards,

 

Ashley G

Authorize.Net Customer Support

@rbjohnson78 Typically, if we're to blacklist an IP address, it'd be after identifying the merchant, after which we'd make repeated efforts to contact them to alert them to the blacklist. I'll have the IP address checked just in case.

But since you mentioned this started after we started using a SHA-2 certificate, it's more likely your solution is having issues with negotiating TLS with us, stemming from it not being able to validate our certificates.

Which server OS are you running? And does your solution depend on any particular framework or component, such as .NET, Ruby, OpenSSL, Java, etc.? Whatever details you can provide may help narrow down the problem.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.

That would be very helpful if you can check.  I will look into the server side. 

@rbjohnson78 I'm going to follow up on that email you received as well. Thanks.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.

Thank you! I appreciate it!