Have your own great idea for a new API feature?

or maybe a suggested improvement to an existing one? Share it and become a god of the developer world.

New Idea

We are a software developer with an interface to Authorize.net's API for storing card data using Customer Information Manager and issuing transactions based on the saved payment profiles.
A number of our clients separate credit card transactions by card type. To do this we need to know the card type for a payment profile saved in CIM. This information does not appear to be in your CIM documentation. Are there any plans for returning this data?

Status: Delivered
0 Votes

Abiility to fetch the list of required field names in the payment form  via API

Status: Under Review

Notice of Change reports via API

Status: Under Review
by ddri-rlevesque on ‎10-06-2016 08:27 AM

From what I understand getTransactionDetails will not provide the same information as the Notice Of Change report that is accessed via the website, i.e. corrected account and/or routing number.

 

The result of getTransactionDetails for a transaction in the NOC report is a “returned item” after the original transaction is settled successfully.  It is not until several days later that the returned item is generated. 

 

If the information provided by the NOC report could be accessed programmatically, one could correct the transaction and resubmit. 

 

Status: Under Review

Soft Descriptor and Contact Information

Status: Accepted
by jbracken1973 on ‎11-18-2014 08:38 AM - last edited on ‎01-15-2015 11:23 AM by Administrator Administrator

The ability to set the soft descriptors for a transaction. 

 

These are the fields that a customer sees on their statements, it allows for the customer to quickly ID the transactions reducing disputes and customer service.  For obvious reasons I hope.

 

Dynamic Descriptors include:

Business Name

Phone (Best Practices says this should be a Customer service number)

City and/or State

Status: Accepted

We plan to support Soft Descriptors when supported by the processors we connect to, and have plans to add support for TSYS and Global Payments.

Payment Page

Status: Declined
by Fcm on ‎12-10-2014 10:56 AM
Hi, An option of a payment page would be a great idea! For a retail business which uses a gateway due to the convenience of reporting etc., it is very annoying to need to login each time a customer wants to pay. If a merchant processes payments every 10-15 minutes, although they still have authorize.net open the page logs out due to inactivinty and they need to login again. This means they constantly need to login in. ANNOYING! As well, authorize.net does currently not properly support level II & level III processing. (Although you claim you do) Numerous merchants entered the data in the fields you advised and did not qualify for level II -level III rates. When they processed with a different gateway, they did. (IT"S A BIG PROBLEM!) The authorize.net community would appreicate action to the above mentiones matters. Thanks!
Status: Declined

We have a separate requst for Level 3 data at https://community.developer.authorize.net/t5/Ideas/Level-3-Support-Feature-request/idi-p/53711

 

For your other request to have a page that does not need authentication, we're going to decline.

0 Votes

There needs to be a way to verify if a transaction has already been posted or not in order to help eliminate possible payment duplication.  This could work by searching for an invoice number, date, and possibly even a payment amount; and get a list of all transactions where there is a match.  This way I can make sure my application isnt trying to charge a second time when it should not.

Status: Accepted

When creating a customer profile and receiving the E000039 error that tells us there is a duplicate customer profile that already exists it would be useful to get that duplicate profile ID in the response other than inside the error text. While technically possible to pull it out of the error message it would be much easier and less prone to issue if we could get it back somewhere directly, such as the CustomerProfileID filed that already exists on the createCustomerProfileResponse object. 

0 Votes

Authnet Java SDK doesnt support TLS 1.2. Need to update util classes.

Status: Accepted
by TonyC ‎06-13-2017 11:45 AM - edited ‎06-13-2017 11:53 AM

Our company was having trouble with our connection to Authnet in the sandbox environment due to the recent upgrade requiring TLS 1.2. Our company's app is running with Java 1.7. We tried setting our project's http protocols to force TLS 1.2 but this didnt seem to be working. Eventually we discovered that the anet-java-sdk:1.9.3 is usign a default HTTPClient. We had to override the HttpClient and HttpCallTask classes in the util directory.  

 

Anywhere that the class set up a defaultHttpClient, we replaced that code with this:

 

SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();

SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2"},
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(f)
.build();

 

 

The entire HttpClient and HttpCallTask classes are below. If we could get these changes added to a new SDK from Authnet, that may help other customers avoid this same problem. Also, it would be helpful for us as then we can continue just importing the entire file library rather than including all the anet files in our own code structure. 

 

HttpClient:

 

package net.authorize.util;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URLDecoder;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.params.ConnRoutePNames;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.CoreProtocolPNames;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.protocol.HTTP;

import net.authorize.Environment;
import net.authorize.ResponseField;
import net.authorize.Transaction;

import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.client.CloseableHttpClient;
import javax.net.ssl.SSLContext;
import org.apache.http.conn.ssl.SSLContexts;
import javax.net.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;


/**
* Transportation object used to facilitate the communication with the respective gateway.
*
*/
public class HttpClient {
private static Log logger = LogFactory.getLog(HttpClient.class);

public static final String ENCODING = "UTF-8";
static boolean proxySet = false;

static boolean UseProxy = Environment.getBooleanProperty(Constants.HTTPS_USE_PROXY);
static String ProxyHost = Environment.getProperty(Constants.HTTPS_PROXY_HOST);
static int ProxyPort = Environment.getIntProperty(Constants.HTTPS_PROXY_PORT);
static int httpConnectionTimeout = Environment.getIntProperty(Constants.HTTP_CONNECTION_TIME_OUT);
static int httpReadTimeout = Environment.getIntProperty(Constants.HTTP_READ_TIME_OUT);

static {
LogHelper.info(logger, "Use Proxy: '%s'", UseProxy);

httpConnectionTimeout = (httpConnectionTimeout == 0 ? Constants.HTTP_CONNECTION_TIME_OUT_DEFAULT_VALUE : httpConnectionTimeout );
httpReadTimeout = (httpReadTimeout == 0 ? Constants.HTTP_READ_TIME_OUT_DEFAULT_VALUE : httpReadTimeout);
}
/**
* Creates the http post object for an environment and transaction container.
*
* @param env
* @param transaction
* @return HttpPost object
*
* @throws Exception
*/
private static HttpPost createHttpPost(Environment env, Transaction transaction) throws Exception {
URI postUrl;
HttpPost httpPost = null;

if(transaction instanceof net.authorize.aim.Transaction ||
transaction instanceof net.authorize.sim.Transaction) {

if(transaction instanceof net.authorize.aim.Transaction &&
((net.authorize.aim.Transaction)transaction).isCardPresent()) {

postUrl = new URI(env.getCardPresentUrl() + "/gateway/transact.dll");
} else {
postUrl = new URI(env.getBaseUrl() + "/gateway/transact.dll");
}

httpPost = new HttpPost(postUrl);

httpPost.getParams().setBooleanParameter(CoreProtocolPNames.USE_EXPECT_CONTINUE, false);

//set the tcp connection timeout
httpPost.getParams().setIntParameter(HttpConnectionParams.CONNECTION_TIMEOUT, httpConnectionTimeout);
//set the time out on read-data request
httpPost.getParams().setIntParameter(HttpConnectionParams.SO_TIMEOUT, httpReadTimeout);

httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
httpPost.setEntity(new StringEntity(transaction.toNVPString(), HTTP.UTF_8));
} else if (transaction instanceof net.authorize.arb.Transaction ||
transaction instanceof net.authorize.cim.Transaction ||
transaction instanceof net.authorize.reporting.Transaction) {

postUrl = new URI(env.getXmlBaseUrl() + "/xml/v1/request.api");
httpPost = new HttpPost(postUrl);
httpPost.getParams().setBooleanParameter(CoreProtocolPNames.USE_EXPECT_CONTINUE, false);

//set the TCP connection timeout
httpPost.getParams().setIntParameter(HttpConnectionParams.CONNECTION_TIMEOUT, httpConnectionTimeout);
//set the time out on read-data request
httpPost.getParams().setIntParameter(HttpConnectionParams.SO_TIMEOUT, httpReadTimeout);

httpPost.setHeader("Content-Type", "text/xml; charset=utf-8");
httpPost.setEntity(new StringEntity(transaction.toXMLString(), HTTP.UTF_8));
}

return httpPost;
}

/**
* Creates a response map for a given response string and transaction container.
*
* @param transaction
* @param responseString
* @return container map containing semi-processed data after request was posted
* @throws UnsupportedEncodingException
*/
private static Map<ResponseField, String> createResponseMap(Transaction transaction, String responseString)
throws UnsupportedEncodingException {

Map<ResponseField, String> responseMap = null;

// aim/sim
if(transaction instanceof net.authorize.aim.Transaction ||
transaction instanceof net.authorize.sim.Transaction) {

String decodedResponseData = URLDecoder.decode(responseString, HTTP.UTF_8);


responseMap = ResponseParser.parseResponseString(decodedResponseData);
}

return responseMap;
}

/**
* Executes a Transaction against a given Environment.
*
* @param environment
* @param transaction
* @return container map containing semi-processed data after request was posted
*/
public static Map<ResponseField, String> execute(Environment environment, Transaction transaction) {
Map<ResponseField, String> responseMap = new HashMap<ResponseField, String>();

if(environment != null && transaction != null) {
try {
SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();

SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2"},
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(f)
.build();

setProxyIfRequested(httpClient);

// create the HTTP POST object
HttpPost httpPost = createHttpPost(environment, transaction);

// execute the request
HttpResponse httpResponse = httpClient.execute(httpPost);
String rawResponseString;
if(httpResponse != null && httpResponse.getStatusLine().getStatusCode() == 200) {
HttpEntity entity = httpResponse.getEntity();

// get the raw data being received
InputStream instream = entity.getContent();
rawResponseString = convertStreamToString(instream);
}
// handle HTTP errors
else {
StringBuilder responseBuilder = new StringBuilder();
responseBuilder.append(3).append(net.authorize.aim.Transaction.TRANSACTION_FIELD_DELIMITER);
responseBuilder.append(3).append(net.authorize.aim.Transaction.TRANSACTION_FIELD_DELIMITER);
responseBuilder.append(22).append(net.authorize.aim.Transaction.TRANSACTION_FIELD_DELIMITER);
responseBuilder.append(httpResponse != null ? httpResponse.getStatusLine().getReasonPhrase() : " ");
rawResponseString = responseBuilder.toString();
}

httpClient.getConnectionManager().shutdown();

String cleanResponseString = XmlUtility.descapeStringForXml(rawResponseString);

responseMap = HttpClient.createResponseMap(transaction, cleanResponseString);
} catch (Exception e) {
LogHelper.warn(logger, "Exception getting response: '%s': '%s', '%s'", e.getMessage(), e.getCause(), Arrays.toString(e.getStackTrace()));
}
}

return responseMap;
}

/**
* Converts a response inputstream into a string.
*
* @param is
* @return String
*/
public static String convertStreamToString(InputStream is) {
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
StringBuilder sb = new StringBuilder();

String line;
try {
while ((line = reader.readLine()) != null) {
sb.append(line).append("\n");
}
} catch (IOException e) {
LogHelper.warn(logger, "Exception reading data from Stream: '%s'", e.getMessage());
} finally {
if ( null != reader){
try {
reader.close();
} catch (IOException e) {
LogHelper.warn(logger, "Exception closing BufferedReader: '%s'", e.getMessage());
}
}

if ( null != is) {
try {
is.close();
} catch (IOException e) {
LogHelper.warn(logger, "Exception closing InputStream: '%s'", e.getMessage());
}
}
}
return sb.toString();
}


/**
* Executes a Transaction against a given Environment.
*
* @param environment
* @param transaction
* @return BasicXmlDocument containing semi-processed data after request was posted
*/
public static BasicXmlDocument executeXML(Environment environment, Transaction transaction) {
BasicXmlDocument response = new BasicXmlDocument();

if(environment != null && transaction != null) {
try {
SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();

SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2"},
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(f)
.build();

setProxyIfRequested(httpClient);

// create the HTTP POST object
HttpPost httpPost = createHttpPost(environment, transaction);

// execute the request
HttpResponse httpResponse = httpClient.execute(httpPost);
String rawResponseString;
if(httpResponse != null && httpResponse.getStatusLine().getStatusCode() == 200) {
HttpEntity entity = httpResponse.getEntity();

// get the raw data being received
InputStream instream = entity.getContent();
rawResponseString = convertStreamToString(instream);
}
else {
StringBuilder responseBuilder = new StringBuilder();
if(transaction instanceof net.authorize.arb.Transaction ||
transaction instanceof net.authorize.cim.Transaction ||
transaction instanceof net.authorize.reporting.Transaction) {

responseBuilder.append("<?xml version=\"1.0\" ?>");
responseBuilder.append("<messages><resultCode>Error</resultCode>");
responseBuilder.append("<message><code>E00001</code>");
responseBuilder.append("<text>");
responseBuilder.append(httpResponse != null?httpResponse.getStatusLine().getReasonPhrase():"");
responseBuilder.append("</text></message></messages>");
} else {
responseBuilder.append("<?xml version=\"1.0\" ?>");
responseBuilder.append("<response>");
responseBuilder.append("<ResponseCode>3</ResponseCode>");
responseBuilder.append("<Errors><Error><ErrorCode>22</ErrorCode><ErrorText><![CDATA[");
responseBuilder.append(httpResponse != null?httpResponse.getStatusLine().getReasonPhrase():"");
responseBuilder.append("]]></ErrorText></Error></Errors></response>");
}

rawResponseString = responseBuilder.toString();
}


httpClient.getConnectionManager().shutdown();

if(rawResponseString == null) return null;


int mark = rawResponseString.indexOf("<?xml");
if(mark == -1){
return null;
}

response.parseString(rawResponseString.substring(mark,rawResponseString.length()));
if(response.IsAccessible() == false){
return null;
}
} catch (Exception e) {
LogHelper.warn(logger, "Exception getting response: '%s': '%s', '%s'", e.getMessage(), e.getCause(), Arrays.toString(e.getStackTrace()));
}
}

return response;
}

/**
* if proxy use is requested, set http-client appropriately
* @param httpClient the client to add proxy values to
*/
public static void setProxyIfRequested(CloseableHttpClient httpClient) {
if ( UseProxy)
{
if ( !proxySet) {
LogHelper.info(logger, "Setting up proxy to URL: '%s://%s:%d'", Constants.PROXY_PROTOCOL, ProxyHost, ProxyPort);
proxySet = true;
}
HttpHost proxyHttpHost = new HttpHost(ProxyHost, ProxyPort, Constants.PROXY_PROTOCOL);
httpClient.getParams().setParameter( ConnRoutePNames.DEFAULT_PROXY, proxyHttpHost);
}
}
}

 

HttpCallTask:

 

package net.authorize.util;

import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import java.util.concurrent.Callable;

import javax.xml.bind.JAXBException;
import javax.xml.bind.UnmarshalException;

import net.authorize.Environment;
import net.authorize.api.contract.v1.ANetApiRequest;
import net.authorize.api.contract.v1.ANetApiResponse;
import net.authorize.api.contract.v1.MessageTypeEnum;
import net.authorize.api.contract.v1.MessagesType;
import net.authorize.api.contract.v1.MessagesType.Message;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.client.CloseableHttpClient;
import javax.net.ssl.SSLContext;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.conn.ssl.SSLContexts;
import javax.net.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
//import net.authorize.api.controller.base.ErrorResponse;

/**
* Callable task to make http calls in future
* @author ramittal
*
*/
public class HttpCallTask implements Callable<ANetApiResponse> {
private static Log logger = LogFactory.getLog(HttpCallTask.class);

Environment env = null;
ANetApiRequest request = null;
@SuppressWarnings("rawtypes")
Class classType = null;

//private static ANetApiResponse errorResponse = null;
private Message errorMessage = null;

/**
* Creates task to be called in future for making http call
* @param env Env to point to
* @param request Http request to send
* @param classType Expected response type if successful
*/
public <T> HttpCallTask(Environment env, ANetApiRequest request, Class<T> classType) {
this.env = env;
this.request = request;
this.classType = classType;
this.errorMessage = new Message();
}

@SuppressWarnings("unchecked")
/**
* Makes a http call, using the proxy if requested, and returns apiresponse
* with error code set appropriately
* @return ANetApiResponse successful or failed response
*/
public ANetApiResponse call() throws Exception {
ANetApiResponse response = null;
StringBuilder buffer = new StringBuilder();

CloseableHttpClient httpCaller = null;

try {
HttpPost httppost = HttpUtility.createPostRequest(this.env, this.request);
SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();

SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2"},
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

httpCaller = HttpClients.custom()
.setSSLSocketFactory(f)
.build();
HttpClient.setProxyIfRequested(httpCaller);
HttpResponse httpResponse = httpCaller.execute(httppost);

if ( null != httpResponse) {
if ( null != httpResponse.getStatusLine()) {
if ( 200 == httpResponse.getStatusLine().getStatusCode()) {

HttpEntity entity = httpResponse.getEntity();
// get the raw data being received
InputStream instream = entity.getContent();
buffer.append(HttpUtility.convertStreamToString(instream));
}
}
}
LogHelper.debug(logger, "Raw Response: '%s'", buffer.toString());
// handle HTTP errors
if (0 == buffer.length()) {
response = createErrorResponse(httpResponse, null);
} else { // i.e. if ( StringUtils.isNotEmpty(buffer.toString()))
Object localResponse = null;

try {
localResponse = XmlUtility.create(buffer.toString(), this.classType);
} catch(UnmarshalException ume) {
try {
//try deserializing to error message
localResponse = XmlUtility.create(buffer.toString(), net.authorize.api.contract.v1.ErrorResponse.class);
} catch(JAXBException jabex) {
response = createErrorResponse(httpResponse, jabex);
}
} catch(JAXBException jabex) {
response = createErrorResponse(httpResponse, jabex);
}

//ObjectFactory factory = new ObjectFactory();
//JAXBElement<ANetApiResponse> error = factory.createErrorResponse();

//check if error
if ( null == localResponse) {
try {
response = XmlUtility.create(buffer.toString(), ANetApiResponse.class);
} catch(JAXBException jabex) {
response = createErrorResponse(httpResponse, jabex);
}
} else {
if (localResponse instanceof ANetApiResponse)
{
response = (ANetApiResponse) localResponse;
} else {
LogHelper.warn( logger, "Unknown ResponseType: '%s'", localResponse);
}
}
}
} catch (ClientProtocolException cpe) {
response = createErrorResponse(null, cpe);
} catch (IOException ioe) {
response = createErrorResponse(null, ioe);
} finally {
if ( null != httpCaller) {
httpCaller.getConnectionManager().shutdown();
}
}

return response;
}

private ANetApiResponse createErrorResponse(HttpResponse httpResponse, Exception exception) {
ANetApiResponse response = new ANetApiResponse();

MessagesType aMessage = new MessagesType();
aMessage.setResultCode(MessageTypeEnum.ERROR);
response.setMessages(aMessage);

List<Message> messages = response.getMessages().getMessage();
//clear all messages
messages.clear();

setErrorResponse(messages, httpResponse);
setErrorResponse(messages, exception);

return response;
}

private void setErrorResponse(List<Message> messages, HttpResponse httpResponse) {
if ( null != httpResponse) {
messages.add(errorMessage);
String code = "Error";
String text = "Unknown Error";
if (null != httpResponse.getStatusLine())
{
LogHelper.warn( logger, "Error deserializing response to '%s'", this.classType);

code = String.format("%d", httpResponse.getStatusLine().getStatusCode());
if (null != httpResponse.getStatusLine().getReasonPhrase()) { text = httpResponse.getStatusLine().getReasonPhrase();}
}
setErrorMessageValues(code, text);
}
}

private void setErrorResponse(List<Message> messages, Exception exception) {
if ( null != exception) {
messages.add(errorMessage);
String code = "Error";
String text = "Unknown Error";
LogHelper.error( logger, "Http request execute failed: '%s'", exception.getMessage());
code = exception.getClass().getCanonicalName();
//code = exception.getClass().getTypeName();// requires java1.8
text = exception.getMessage();

setErrorMessageValues(code, text);
}
}

private void setErrorMessageValues(String code, String text) {
errorMessage.setCode(code);
errorMessage.setText(text);
LogHelper.warn(logger, "Adding ErrorMessage: Code: '%s', Text: '%s'", code, text);
}
}

 

Hopefully this is helpful for anyone else struggling to connect to the Sandbox environment. 

 

-Tony

Status: Accepted

Include ACH in Accept.Js

Status: Accepted
by dnsBuffaloNY on ‎10-01-2016 12:26 PM

Accept.Js works great!  It allows my website to capture Credit Card information without that data ever posting back to my servers.  I don't any PCI Compliance headaches.

 

My suggestion would be to enhance Accept.JS to also allow for ACH payments.  That is, have accept.JS allow for the capture of a Routing and Account Number.  It could look like this:

 

var secureData = {}, authData = {}, bankData = {};
	
	bankData.routingNumber = document.getElementById('ROUTINGNUMBER_ID').value;
	bankData.accountNumber = document.getElementById('ACCOUNTNUMBER_ID').value;

	secureData.bankData = bankData;

	authData.clientKey = '6WrfHGS76gHW3v7btBCE3HuuBukej96Ztfn5R32G5ep42vne7MCWZtAucY';
	authData.apiLoginID = 'my_api_login_id';
	secureData.authData = authData;
	
	Accept.dispatchData(secureData, 'responseHandler');

Here's a related communit post.

 

https://community.developer.authorize.net/t5/Integration-and-Testing/Accept-JS-and-ACH/m-p/55887#M30...

 

Thank you for your consideration!

Status: Accepted

I have a scenario where I'm performing an authorization with a payment nonce, then creating a profile from that successful authorization, and later capturing the authorized amount. This is a nice workflow because I only create a payment profile if the authorization succeeds.

 

But unfortunately, this workflow is not possible because the authorization is not associated with the payment profile, and doesn't show up under its history. In a scenario where we're using a profile for recurring transactions, it's a big deal to us to have the initial payment in the history.

 

See this thread for more details as to alternatives that are less ideal.

 

 

It'd be very helpful if, when I create a profile from a transaction, if that transaction became the initial transaction in the payment profile's history, and I was able to capture it as though it had been issued from that profile.

 

Approve Held Transactions via API

Status: Delivered
by andrewskaggs on ‎03-17-2016 05:48 AM

Currently, transactions flagged as suspicious and held for review by the Fraud Detection Suite can only be approved via the Merchant Interface.

 

It would be much more convenient if we were able to approve these held transactions via the API without requiring our admins to log into the Merchant Interface.

We'd like to proactively email customers who have credit cards about to expire. It would be very helpful to have one call that would return all those customer ids with payment profile id(s) and expiration date.

Status: Delivered

Hi Guys,

      Today We have faced one situatuion in my software for online payment process, i need to process the $102.00 amount using Authorize.net, but We need to get the $100.00 for One Merchant ID and $2.00 (Convenience Fee) for another Merchant ID.

 

Thanks,

Vijay.K

Status: Under Review

As noted in the FAQ, Authorize.net waits 10 seconds to receive a response from DPM POST requests:

http://developer.authorize.net/faqs/#rrcauses

 

It also notes that "On occasion, timeouts will occur that are outside of the control of your script or our servers. Typical reasons for these timeouts are Internet traffic, merchant server overload or malfunctions, or Internet routing issues. Depending upon your server location and what route is used to send data, it is possible that you may occasionally receive a time out message."

 

It appears that Authorize.net does not retry a failed POST, even if the 10 second timeout has not been reached. This was confirmed by an admin in the forums ("We currently do not retry failed posts").

 

I propose that this behavior be changed. If an Authorize.net POST request fails, prior to the 10 second cut-off, the POST should be retried, possibly with a short backoff (e.g., wait a second or two to reinitiate, to prevent a flood of requests).

 

As background, we have been using DPM successfully for a couple of years now, but we do occassionally see "timeout" errors. Crucially, it does not appear that these are actually caused by timeouts. The first thing we do in handling the response is log receipt of the request. But we see no evidence of having received the requests in our logs. Which suggests that the problem is happening outside of our network.

 

As it currently stands, Authorize.net's POST request could fail immediately due to some extremely transitory issue (perhaps even within their network). They would immediately receive a "connection reset by peer" error or whatever. And even though virtually none of the 10 second timeout period has been consumed, the customer receives a timeout error.

 

The DPM process should make more of an effort to communicate the transaction status and prevent this failure scenario.

 

Possibly related to this request would be additional logging facilities, so that both Authorize.net and its customers could have more insight into what exactly is occuring. IOW, it would be very helpful to have some visibility into *why* Authorize.net's POST request failed, and how long it took. It could provide much needed stats to discover how often the "timeout" problem is happening and whether these suggested changes are actually making a difference.

 

 

 

 

 

 

Status: Delivered

DPM is now replaced by Authorize.Net Accept.js, a javascript library for accepting payments: http://developer.authorize.net/api/reference/features/acceptjs.html

Created from previous thread: https://community.developer.authorize.net/t5/Integration-and-Testing/refundTransaction-requires-expi...

 

Currently, to refund a transaction, you must provide both the masked credit card number and expiration date.   Yet this information adds nothing to the request -- in fact, if you no longer have this information, you must issue a separate getTransactionDetail transaction to fetch this information.   Rather than requiring two separate transactions to perform a single task, only require the original transaction id.

 

Status: Accepted
0 Votes

I'm currently working on a solution where our customers have requested a migration-tool, to tie existing CIM entries to their business partners in their ERP system.

 

In this case a method to retrieve all CIM profiles along with their corresponding payment profiles would be helpful.

 

Currently the only option is to query the API for all CIM profile IDs and then iterate them and call the API for each one.

In the sandbox environment this takes roughly 20 minutes for 4000 entries, using multi-threaded requesting. This performance is obviously pretty poor, and I imagine the method I described above would allviate this problem.

Status: Accepted

Despite using best security practices to protect passwords, we consider the single form authentication to the Authorize.net portal to be a critical security concern.

 

The concern is especially high with regard to CIM. When CIM is enabled, anybody breaking into the Authorize.net account can do a lot of damage (like creating transactions).

 

We are in 2015 and two form factor authentication is widespread and easy to implement. It does not have to be a full blown 2-factor with MFA devices. A simple solution - for example using a mobile phone access code - would already be a huge improvement over the current system.

 

 

Status: Under Review

Level 3 Support Feature request

Status: Accepted
by thill on ‎02-05-2016 09:50 AM

I have just recently wrapped up an integration with Auth.net to our website and erp system using CIM and the Payment Transaction API.  Our system is passing the Level 3 data to Auth.net, but Auth.net doesn't pass this information to the processor.  I was curious about the decision for Auth to hold onto the data and not deliver it to the processors and if this feature is on the roadmap?  I would love to have the L3 data passed around, we could realize an incredible amount of savings from this (fees can be cut by up to half with this information, That's huge!). 

 

If this isn't on the roadmap, please consider adding support for this.

 

Status: Accepted

Declined Transactions Emailed to Us

Status: Declined
by Liquid on ‎11-13-2014 07:19 PM

We need the DECLINED / Non-Payments to be EMAILED TO us. I have ALSO asked for this easy and basic functionality for years. We have recieved nothing but a "we are working on it" response for YEARS. It's beyond frustrating.

 

It's a very simple task. It is ABSURD that you do NOT have this option yet.

 

We NEED to have the DECLINED Payments (and not just successful payments) EMAILED directly to various admins here at our small business AND the reason for the decline (i.e. incomplete payment or expired credit card).

 

Please advise on when this will actually be impleted. Thank you.

Status: Declined