Cybersource Developer Community Cybersource Developer Community

Understood on the Transaction Key.  I was planning on keeping it serverside.  I understood that the authorize.net keeps its own copy for security.  The documentation just does not talk about the response.  Also,  do you leave off the relay_url in the   data send to https://test.authorize.net/gateway/transact.dll.

Thanks

Doug Reid

I don't have any experience with getJSON, but from the sound of it, look like you will want to use the relay response, and parse out the response that way. Without relay response your option would be silent post and the reciept page.

I would said get it to work with a regular form post first then get try it with getJSON.

This is why I posed the question.  There should be option to get the reponse directly back without going to a separate script.   Unless my experience with dynamic html is incorrect, once you load a new script this way you load a new page and lose the connection to the orignal page.  A full JSON implementation would not be difficult from what the sdk is today, but it would just require a new var on the post to signify send the response back directly and probably excluding the relay url.

Doug

Sound like you probably want to use AIM and do whatever you want to do.

After studying what authorize.net is doing, I now understand the relay and receipt php files are additional layers of security.  I did not realize the Merchant has to add the url to their accounts to get it to work.  I have to live with situation.  Using AIM requires a SSL certificate for data security.   I can live with the DPM limitations I think I just have to work around the issues.  Especially since it is being built for Joomla.

Interestingly, as I dive in more the relay_response.php makes less sense to me.   The example in the documentation is broken because it fails the md5 hash test.   If you look deeper there is no use for the 

$response = new AuthorizeNetSIM($api_login_id, $md5_setting);

if ($response->isAuthorizeNet()) {

  if ($response->approved)  {

  } else {

  }

} else {

}

Then AuthorizeNetSIM does not really do anything.   The approved setting really needs to look at the _POST data to see if it is approved.   I really do not see why this _POST data could not be sent back with the original Payment post and not have the other 2 files at all.    The documentation does not clarify why the response of class AuthorizeNetSIM  is necessary.   The transaction was approved even when the relay_response.php did not ask for the receipt because of the Hash check issue.   The transaction approval email was sent without the receipt request was sent.

Doug

The SDKs is not need at all if you know what you are doing. It great if you do exactly as they want you to do for the 15 minutes quick start.

So, instead of the SDKS, read the documentation(both SIM/DPM).