01-19-2018 05:14 PM
Hi Everyone, not sure if this the correct place to post this question.
Years ago I wrote an Authorize.NET integration solution for my company. It uses a hosted payment page, and the "Silent Post" feature. Recently we were told by a Auth.NET representative that "Silent Post" is unreliable, and we should switch to using "Webhooks". So I am doing that work now, but I am noticing that Webhooks doesn't send any of our custom fields, and we really needs those to figure out which product was purchased.
Here are some extra details to help clear up some confusion. This is the flow of our website:
1) First our clients will use our Portal to search for products they want to buy. They add them to our shopping cart, and when they are ready to pay, they press a payment button. That button causes a HTTP POST of the following form elements to Authorize.NET:
<form id=auth2 name=auth2 method='post' action='https://test.authorize.net/gateway/transact.dll'>
<input type="hidden" name="x_login" value="12345">
<input type="hidden" name="x_amount" value="75.00">
<input type="hidden" name="x_slot_links" value="744">
There are more fields, but I didn't want to clutter up this forum post, so I put only 3 fields to illustrate the issue. The "x_login" and "x_amount" fields are standard fields, while "x_slot_links" is our own custom field which stores the ID of the exact product that was purchased.
2) The moment this form is posted to Authorize.NET, their Payment Page pops open for the user. There they enter their credit card number, expiration date, etc. We liked this solution because it was PCI compliant. Finally they hit the submit button on that page, which causes the credit card to be charged. Additionally due to the "Silent Post" feature, an HTTP POST sends a form of HTML back down to our server with the transaction details. It looks similar to this (with some fields removed for sake of simplicity):
<input type="hidden" name="x_response_code" value="1" />
<input type="hidden" name="x_response_reason_text" value="This transaction has been approved." />
<input type="hidden" name="x_trans_id" value="40009641020" />
<input type="hidden" name="x_amount" value="75.00" />
<input type="hidden" name="x_slot_links" value="744" />
You'll notice that the "x_slot_links" field is forwarded along from our original form post. But when I swicth to using "Webhooks" I no longer get that field. This is what I get instead:
How can I get custom field data using Webhooks?
Solved! Go to Solution.
01-24-2018 07:34 PM
We're working on better support model for technical questions like this when they come through our phone support so I'm sorry you were misled on this issue. If you do decide to move over to Accept please feel free to email firstname.lastname@example.org and ask to be connected directly with Brian (they'll know who I am :-) and I'll be happy to correspond with you directly via email and help out with any aspects of the integration or any issues you may encounter.
01-20-2018 09:32 PM
Hi RobSolem ,
Currently we don't support returning custom fields in webhooks.
We can see the value, you can submit this to ideas page. Our team will evaluate it.
01-22-2018 12:05 AM
Thanks for your post .
As @nbansal mentioned we currently dont have support for custom fields in the Webhook notifications .
We are also working on adding support for transReferenceID and InvoiceID in the transactions Notifications in the upcoming release .
01-22-2018 01:12 PM
Ok, thank you both for your fast replies. I am sorry to hear the webhook can't send extra information.
So how do other developers solve this problem?
I saw a suggestion somewhere that said to store all of my custom data in my own database, and store the "transaction id" along with it. Then later on I can grab the transaction id from the JSON I receive from the webhook, and use that to look up the data in my database.
One problem with that is I don't have a transaction id prior to calling the Hosted payment page. Is it possible to use the API to request a transaction ID, which I can then send to the Hosted payment page, and it uses that ID instead of generating a new one? Or do you have another suggestion?
Hopefully all of this makes sense. If I can't get this Webhook working, I will probably tell all of our clients using Authorize.NET to switch to using PayPal since I have implemented PayPal as well. One of our executives suggested they all switch - but I wanted to see if I could get webhooks working first prior to that.
01-22-2018 03:00 PM
Currently, we dont have a way to generate transID ahead before calling HostedPaymentForm(SIM Integration). When a transaction is made successfully, you should be able to get the field x_trans_ID field populated in the transaction response.
Before you initiate PaymentForm, subscribe to the below payment transaction eventTypes. you should be able to get the firedevents to your webhook that you are listening to upon successful transaction. BTW, Subscribing to eventTypes is one-time action. Also, webhooks doesnt take anything input as the transactionID as the transactiondetails payload is auto-generated from anet systems and JSON payload posted to the webhook URL.
Here is the guide to integrate webhooks into your system.
Copied from the link
|net.authorize.payment.authorization.created||Notifies you when an authorization transaction is created.|
|net.authorize.payment.authcapture.created||Notifies you when an authorization and capture transaction is created.|
|net.authorize.payment.capture.created||Notifies you when a capture transaction is created.|
|net.authorize.payment.refund.created||Notifies you when a successfully settled transaction is refunded.|
|net.authorize.payment.priorAuthCapture.created||Notifies you when a previous authorization is captured.|
|net.authorize.payment.void.created||Notifies you when an unsettled transaction is voided.|
01-22-2018 04:11 PM
One of the reasons we're deprecating the older integration methods is that our merchants do not like the redirect away from their web sites. That's also why we had to facilitate the "relaying" of data from your checkout "leave" page through to your receipt "return" page.
Our more recent checkout methods (the Accept suite https://developer.authorize.net/api/reference/features/accept.html ) provide much more control of the customer experience and then you don't need to relay your custom fields through our system.
Let us know what you think, we'd love the feedback,
01-22-2018 10:20 PM - edited 01-22-2018 11:34 PM
You should be able to use refID in the createTransaction request for this use case .
|refId||Merchant-assigned reference ID for the request.|
You can store the custom params against this refID and pass it in the payment request .
Once you get back the webhook notification with transactionID , you can use the transID to call getTransactionDetails to retrieve the refID and lookup the custom fields .
in upcoming release of webhook we will start returning the refID also in the notification payload so the extra lookup of transactionDetails wont be required .
Hope this help .
Let us know if any other questions .
01-23-2018 11:35 PM - edited 01-23-2018 11:37 PM
Sorry, but don't you mean invoiceNumber here? refId isn't stored in the database, but is just echoed back in the API response so a multithreaded app can better keep track of which request is which.
01-23-2018 11:45 PM
The refID passed in the createTransaction is returned under the field <transrefId> in the getTransactionDetails .
Also as you stated invoiceNumber is returned also .
01-24-2018 06:58 PM
Thank you for your time and response. Unfortunately, I don't think this solves my problem, unless I misread in which case I apologize.
You mention getting the field "x_trans_ID" from the transaction response. However since I am using the Hosted Page, I hand control over to the Authorize.NET page prior to the transaction happening, so I don't get any immediate response. So the only indication I have that the user actually entered a CC number and completed the transaction, is if Auth.NET sends me something like the "Silent Post" or "Webhook". By then getting the "x_trans_ID" is too late.
Consider this scenario:
Let's say there are 10 customers on my portal at the same time, and all of them fill out my shopping cart and hit submit. That pops open the Auth.NET hosted page for all 10 customers which they fill out and submit. Then moments later I get 10 webhook events of type "authcapture". By parsing through those 10 JSON messages, I have no way of knowing which person is tied to which transaction.