Integration and Testing

Authorize.Net API questions and help with your payment integration.

Reply
Member
Posts: 6
Registered: ‎01-19-2018
Accepted Solution

"Webhook" VS "Silent Post" and custom fields

Hi Everyone, not sure if this the correct place to post this question.

 

Years ago I wrote an Authorize.NET integration solution for my company.  It uses a hosted payment page, and the "Silent Post" feature.  Recently we were told by a Auth.NET representative that "Silent Post" is unreliable, and we should switch to using "Webhooks".  So I am doing that work now, but I am noticing that Webhooks doesn't send any of our custom fields, and we really needs those to figure out which product was purchased.

 

Here are some extra details to help clear up some confusion.  This is the flow of our website:

 

1) First our clients will use our Portal to search for products they want to buy.  They add them to our shopping cart, and when they are ready to pay, they press a payment button.  That button causes a HTTP POST of the following form elements to Authorize.NET:

 

<form id=auth2 name=auth2 method='post' action='https://test.authorize.net/gateway/transact.dll'>
  <input type="hidden" name="x_login" value="12345">
  <input type="hidden" name="x_amount" value="75.00">
  <input type="hidden" name="x_slot_links" value="744">
</form>

 

There are more fields, but I didn't want to clutter up this forum post, so I put only 3 fields to illustrate the issue.  The "x_login" and "x_amount" fields are standard fields, while "x_slot_links" is our own custom field which stores the ID of the exact product that was purchased.

 

2) The moment this form is posted to Authorize.NET, their Payment Page pops open for the user.  There they enter their credit card number, expiration date, etc.  We liked this solution because it was PCI compliant.  Finally they hit the submit button on that page, which causes the credit card to be charged.  Additionally due to the "Silent Post" feature, an HTTP POST sends a form of HTML back down to our server with the transaction details.  It looks similar to this (with some fields removed for sake of simplicity):

 

<form>
  <input type="hidden" name="x_response_code" value="1" />
  <input type="hidden" name="x_response_reason_text" value="This transaction has been approved." />
  <input type="hidden" name="x_trans_id" value="40009641020" />
  <input type="hidden" name="x_amount" value="75.00" />
  <input type="hidden" name="x_slot_links" value="744" />
</form>

 

You'll notice that the "x_slot_links" field is forwarded along from our original form post.  But when I swicth to using "Webhooks" I no longer get that field.  This is what I get instead:

 

{
"notificationId":"2d56136d-29ec-4920-8ab9-31c844e39939",
"eventType":"net.authorize.payment.authcapture.created",
"eventDate":"2018-01-19T22:58:42.2377846Z",
"webhookId":"5fa0613a-0038-4b10-921d-99b7673390b1",
"payload":{
   "responseCode":1,
   "authCode":"HIKLVE",
   "avsResponse":"Y",
   "authAmount":75.00,
   "entityName":"transaction",
   "id":"40009641021"
}
}

 

How can I get custom field data using Webhooks?

 

Thanks!


Accepted Solutions
Solution
Accepted by topic author RobSolem
‎01-30-2018 03:29 PM
Administrator
Posts: 149
Registered: ‎03-28-2014

Re: "Webhook" VS "Silent Post" and custom fields

Hi Rob,

 

We're working on better support model for technical questions like this when they come through our phone support so I'm sorry you were misled on this issue.  If you do decide to move over to Accept please feel free to email developer@authorize.net and ask to be connected directly with Brian (they'll know who I am :-) and I'll be happy to correspond with you directly via email and help out with any aspects of the integration or any issues you may encounter.

 

Brian 

View solution in original post


All Replies
Authorize.Net Developer
Posts: 11
Registered: ‎11-17-2015

Re: "Webhook" VS "Silent Post" and custom fields

Hi RobSolem ,

Currently we don't support returning custom fields in webhooks.

We can see the value, you can submit this to ideas page. Our team will evaluate it.

 

Thanks.

Posts: 333
Kudos: 73
Solutions: 36
Registered: ‎03-13-2017

Re: "Webhook" VS "Silent Post" and custom fields

Hi @RobSolem

 

Thanks for your post . 

 

As @nbansal mentioned we currently dont have support for custom fields in the Webhook notifications .  

 

You are welcome to post this as a new feature using our  Ideas forum.  This will allow others to vote on and make suggestions to improve the request

 

We are  also working on adding support for transReferenceID and InvoiceID in the transactions Notifications  in the upcoming release . 

 

 

 

 





Send feedback at developer_feedback@authorize.net
Member
Posts: 6
Registered: ‎01-19-2018

Re: "Webhook" VS "Silent Post" and custom fields

Ok, thank you both for your fast replies.  I am sorry to hear the webhook can't send extra information.

 

So how do other developers solve this problem?

 

I saw a suggestion somewhere that said to store all of my custom data in my own database, and store the "transaction id" along with it.  Then later on I can grab the transaction id from the JSON I receive from the webhook, and use that to look up the data in my database.

 

One problem with that is I don't have a transaction id prior to calling the Hosted payment page.  Is it possible to use the API to request a transaction ID, which I can then send to the Hosted payment page, and it uses that ID instead of generating a new one?  Or do you have another suggestion?

 

Hopefully all of this makes sense.  If I can't get this Webhook working, I will probably tell all of our clients using Authorize.NET to switch to using PayPal since I have implemented PayPal as well.  One of our executives suggested they all switch - but I wanted to see if I could get webhooks working first prior to that. 

Authorize.Net Expert
Posts: 84
Registered: ‎11-16-2017

Re: "Webhook" VS "Silent Post" and custom fields

Currently, we dont have a way to generate transID ahead before calling HostedPaymentForm(SIM Integration). When a transaction is made successfully, you should be able to get the  field x_trans_ID field populated in the transaction response.

 

Before you initiate PaymentForm, subscribe to the below payment transaction eventTypes. you should be able to get the firedevents to your webhook that you are listening to upon successful transaction. BTW, Subscribing to eventTypes is one-time action.  Also, webhooks doesnt take anything input as the transactionID as the transactiondetails payload is auto-generated from anet systems and JSON payload posted to the webhook URL.

 

Here is the guide to integrate webhooks into your system.

 

 

-Bhavana

 

Copied from the link

 

PAYMENT EVENTS

Event Description

net.authorize.payment.authorization.createdNotifies you when an authorization transaction is created.
net.authorize.payment.authcapture.createdNotifies you when an authorization and capture transaction is created.
net.authorize.payment.capture.createdNotifies you when a capture transaction is created.
net.authorize.payment.refund.createdNotifies you when a successfully settled transaction is refunded.
net.authorize.payment.priorAuthCapture.createdNotifies you when a previous authorization is captured.
net.authorize.payment.void.createdNotifies you when an unsettled transaction is voided.
Administrator
Posts: 149
Registered: ‎03-28-2014

Re: "Webhook" VS "Silent Post" and custom fields

Hi 

 

One of the reasons we're deprecating the older integration methods is that our merchants do not like the redirect away from their web sites.  That's also why we had to facilitate the "relaying" of data from your checkout "leave" page through to your receipt "return" page.


Our more recent checkout methods (the Accept suite https://developer.authorize.net/api/reference/features/accept.html ) provide much more control of the customer experience and then you don't need to relay your custom fields through our system.

 

Let us know what you think, we'd love the feedback,

 

Brian

Posts: 333
Kudos: 73
Solutions: 36
Registered: ‎03-13-2017

Re: "Webhook" VS "Silent Post" and custom fields

[ Edited ]

Hi @RobSolem

 

You should be able to use  refID in the createTransaction request for this use case . 

 

https://developer.authorize.net/api/reference/index.html#payment-transactions-charge-a-credit-card

 

refId Merchant-assigned reference ID for the request.

 

You can store the custom params against this refID and pass it in the payment request . 

 

Once you get back the webhook notification with transactionID , you can use the transID to call getTransactionDetails to retrieve the refID and lookup the custom fields . 

 

https://developer.authorize.net/api/reference/index.html#transaction-reporting-get-transaction-detai...

 

in upcoming release of webhook we will start returning the refID also in the notification payload so the extra lookup of transactionDetails wont be required . 

 

Hope this help . 

 

Let us know if any other questions . 

 

 





Send feedback at developer_feedback@authorize.net
Contributor
Posts: 15
Registered: ‎11-29-2017

Re: "Webhook" VS "Silent Post" and custom fields

[ Edited ]

Hi Anurag,

 

Sorry, but don't you mean invoiceNumber here? refId isn't stored in the database, but is just echoed back in the API response so a multithreaded app can better keep track of which request is which.

Posts: 333
Kudos: 73
Solutions: 36
Registered: ‎03-13-2017

Re: "Webhook" VS "Silent Post" and custom fields

Hi @Aaron_Actual

 

The refID passed in the createTransaction is returned under the field <transrefId> in the getTransactionDetails . 

 

Also as you stated invoiceNumber is returned also .

 

 





Send feedback at developer_feedback@authorize.net
Member
Posts: 6
Registered: ‎01-19-2018

Re: "Webhook" VS "Silent Post" and custom fields

Hi Bhavana,

 

Thank you for your time and response.  Unfortunately, I don't think this solves my problem, unless I misread in which case I apologize. 

 

You mention getting the field "x_trans_ID" from the transaction response.  However since I am using the Hosted Page, I hand control over to the Authorize.NET page prior to the transaction happening, so I don't get any immediate response.  So the only indication I have that the user actually entered a CC number and completed the transaction, is if Auth.NET sends me something like the "Silent Post" or "Webhook".  By then getting the "x_trans_ID" is too late.

 

Consider this scenario:
Let's say there are 10 customers on my portal at the same time, and all of them fill out my shopping cart and hit submit. That pops open the Auth.NET hosted page for all 10 customers which they fill out and submit. Then moments later I get 10 webhook events of type "authcapture". By parsing through those 10 JSON messages, I have no way of knowing which person is tied to which transaction.