Reply
Highlighted
Member
Posts: 2
Registered: ‎11-16-2017
Accepted Solution

webhooks with multiple auth.net accounts-

 

I have a website that I need to send payments to 2 different merchant accounts, this is based on what account the current user belongs to, example user1 sales go to store #1 Auth.net account, and user 2 sales go to store#2 auth.net account.  The order is sent with getHostedPaymentPageRequest(); at this time I know what auth.net account I am sending the payment to.  The issues comes when I register a webook

I have an endpoint listening on ....PaymentNotification\PaymentEvent and I recieve the callback however to know more about that order I need to call getTransactionDetailsRequest(), however

I dont know what store credentials I need to pass to get more details about the transaction.  I attempted to add a peramter on the webhook url(PaymentNotification\PaymentEvent?id=1) but it is invalid.  I could make a webhook callback for each store but I dont want to do this for (N) stores. How can I know who the transaction belongs to before I make the getTransactionDetailsRequest()?

 

 

 

 

 

 


Accepted Solutions
Highlighted
Solution
Accepted by Anurag (Administrator)
‎11-20-2017 11:28 PM
Posts: 333
Kudos: 59
Solutions: 36
Registered: ‎03-13-2017

Re: webhooks with multiple auth.net accounts-

Hi 

 

If you dont want to have a different webhook callback url then another workaround is to use the hash  verification to check which merchant it belongs to . 

 

The hash is sent in a custom header: X-ANET-Signature along with the webhook .

Using the signature key, the body can be hashed again using the same algorithm. The calculated hash should match the hash sent in the header. 

 

https://developer.authorize.net/api/reference/features/webhooks.html#Verifying_the_Notification

 

Hope it helps . 

 

 





Send feedback at developer_feedback@authorize.net

View solution in original post


All Replies
Highlighted
Solution
Accepted by Anurag (Administrator)
‎11-20-2017 11:28 PM
Posts: 333
Kudos: 59
Solutions: 36
Registered: ‎03-13-2017

Re: webhooks with multiple auth.net accounts-

Hi 

 

If you dont want to have a different webhook callback url then another workaround is to use the hash  verification to check which merchant it belongs to . 

 

The hash is sent in a custom header: X-ANET-Signature along with the webhook .

Using the signature key, the body can be hashed again using the same algorithm. The calculated hash should match the hash sent in the header. 

 

https://developer.authorize.net/api/reference/features/webhooks.html#Verifying_the_Notification

 

Hope it helps . 

 

 





Send feedback at developer_feedback@authorize.net
Highlighted
Member
Posts: 2
Registered: ‎11-16-2017

Re: webhooks with multiple auth.net accounts-

Thanks, this could work, but the downside is I need to try each one of my Signature keys and hash with the response untill I find one that matches the X-Anet-Signature.  Though I do have a small set of keys, so it should be acceptable.

  

 

 

 

 

Highlighted
All Star
Posts: 699
Registered: ‎11-03-2016

Re: webhooks with multiple auth.net accounts-

Hi @sandboxAuthNetT,

 

Just to clarify, you can definitely have multiple listener URLs, it's just the parameter syntax (with a "?") that's not allowed. It would be perfectly fine to have a listener that's https://yourserver.com/webhooks/merchant1/PaymentEvent and a https://yourserver.com/webhooks/merchant2/PaymentEvent, for example.

 

You can use the same listener program on your end, but just have it check what path was used to call it to determine the merchant.