The Authorize.Net Developer Blog

Posts from Authorize.Net employees, community members and experts about integrating with the Authorize.Net Payment Gateway: sample code, tutorials, and problem-solving techniques, just to name a few.

HTTP GET Disablement Date - Updated 2X

by Administrator Administrator ‎04-10-2017 10:29 AM - edited ‎05-30-2017 05:47 PM (81,051 Views)

Update 2: Updated message returned as reason response code 66, "This transaction cannot be accepted for processing" if transactions attempted using GET.

 

Update 1: HTTP GET now disabled in sandbox.

 

--------------------

As you are probably aware, HTTP GET methods no longer adhere to current PCI DSS protection requirements. As such, we are updating our sandbox and production environments to no longer allow HTTP GET methods for transaction requests.

 

The HTTP GET disablement dates are as follows:

 

Sandbox: April 12, 2017

Production: May 31, 2017

We are disabling the sandbox well in advance of production to allow you time to test your solutions and ensure you are no longer submitting HTTP GET requests. Any transaction request using HTTP GET that is submitted after May 31st will fail.

 

A change to the HTTP verb from GET to POST will remediate this issue, however, we recommend using this as an opportunity to upgrade your application to use the Authorize.Net API:

http://developer.authorize.net/api/reference/

 

After April 12, 2017, all GET requests to the Sandbox endpoint https://test.authorize.net/gateway/transact.dll will fail and will return a reason response code 66, "This transaction cannot be accepted for processing."

 

After May 31, 2017, all GET requests to the https://secure.authorize.net/gateway/transact.dll and https://secure2.authorize.net/gateway/transact.dll endpoints will fail and will return reason response code 66, "This transaction cannot be accepted for processing."