topic Re: accept.js - purpose in Integration and Testing

accept.js - purpose

rickstout — Wed, 03 Aug 2016 19:14:02 GMT

So I thought accept.js was the answer to my integration. Post credit card details directly from the client browser to auth.net and it never even hits my servers. Just save the token (or nonce). But I'm finding it only works once?! If i enter a new card and save it, then post a transaction, it works, but only the first time.

Did I misunderstand the purpose of accept.js? Is it supposed to only work once?

Re: accept.js - purpose

RichardH — Wed, 03 Aug 2016 19:29:06 GMT

Hello @rickstout

You are currect that in it's current form you can only use it for new transactions. An update coming very soon will will expand support for using Accept.js for creating customer profiles and for creating subscriptions, making it usable for all transactions.

I would suggest watching our blog, or even subscribing so you'll be the first to know.

Richard

Re: accept.js - purpose

rickstout — Wed, 03 Aug 2016 20:27:34 GMT

Thanks. Wish the docs would have been clear about that.

Re: accept.js - purpose

blackbeltdev — Thu, 11 Aug 2016 23:37:11 GMT

Hi,

What does the JSON cardData payload look like for including the CVV security code?

For example in step #3 here only has the PAN and expiration date mentioned,

http://developer.authorize.net/api/reference/features/acceptjs.html

cardData.cardNumber = document.getElementById('CARDNUMBER_ID').value;
cardData.month = document.getElementById('EXPIRY_MONTH_ID').value;
cardData.year = document.getElementById('EXPIRY_YEAR_ID').value;

I couldn't find any documentation about the Accept functions and data structures, i.e.

Accept.dispatchData(secureData, 'responseHandler'). Does such documentation exist?

Also IMO it would be better if the Accept.dispatchData() supported a non-global functions for the 'responseHandler' callback. Is that a technical limitation why it takes a string value?

Thanks

Re: accept.js - purpose

RichardH — Fri, 12 Aug 2016 15:11:07 GMT

Hello @blackbeltdev

Accept.js documentation is scheduled for an update week, but here are some items that should help.

Methods, Objects, and Events

DISPATCHDATA

This method sends the secure data to Authorize.Net and provides the response handler which will receive the payment nonce.

Parameter	Type	Description
data	SecureData	This object contains the payment data to be sent to Authorize.Net.
callback	String	This function handles the response from Authorize.Net.

SECUREDATA

This object contains the merchant identifier and payment data.

Property	Type	Description
secureData	SecureData Object	This object is the payment data to be sent to Authorize.Net.
authData	AuthData Object	This object contains the data used by Authorize.Net to identify the merchant who will eventually use the card data.

CARDDATA

This object contains the payment data which is dispatched to Authorize.Net.

Property	Type	Description
cardNumber	String	Must be a valid 13-16 digit card number. Required.
month	String	2-digit month. Required
year	String	2-digit year. Required
cardCode	String	3 or 4-digit card validation value (CVV). Optional
zip	String	20-character alphanumeric representing postal code. Optional
fullName	String	64-character alphanumeric cardholder name. Optional

AUTHDATA

This object contains the data used by Authorize.Net to identify the merchant who will eventually use the card data.

Property	Type	Description
apiLoginID	String	API Login ID of the merchant. It can be found in the Authorize.Net merchant interface at Account > Settings > Security Settings > General Security Settings > API Credentials and Keys. Required.
clientKey	String	Public key for the merchant. It can be generated in the Authorize.Net Merchant interface at Account > Settings > Security Settings > General Security Settings > Manage Public Client Key. Required.

Re: accept.js - purpose

brianmc — Fri, 12 Aug 2016 15:45:06 GMT

@rickstout You can now create a customer payment profile with the Accept payment nonce, so that you can charge the card on a recurring/future/ad-hoc basis.

So instead of/as well as doing a CReateTransaction you can do

<createCustomerPaymentProfileRequest>
<merchantAuthentication>
</merchantAuthentication>
<customerProfileId>10000</customerProfileId>
<paymentProfile>
<payment>
<opaqueData>
<dataDescriptor>COMMON.ACCEPT.INAPP.PAYMENT</dataDescriptor>
<dataValue>nonce_here</dataValue >
</opaqueData>
</payment>
</paymentProfile>
<validationMode>testMode</validationMode>
</createCustomerPaymentProfileRequest>

Re: accept.js - purpose

brianmc — Fri, 12 Aug 2016 15:48:11 GMT

@blackbeltdev You are absolutely right and we should support a function as well as a function name for the responseHandler. No technical limitations, hands up, it was a miss on our side. It will be fixed in the next release.

Brian

Re: accept.js - purpose

blackbeltdev — Fri, 12 Aug 2016 15:59:24 GMT

Perfect this is exactly what I was looking for! The only other question I had is if the dispatch method could be updated in a future release to support taking a function for the 'callback' argument in addtion to a string, i.e. function | string

For instance let's say I wanted to create an Angular service that was self-contained to manage the response handler. I believe the current API requires me to install a global function to work which IMO violates separation of concerns. If this is a technical limitation I can live with that but to make the API cleaner it should accept a function if possible.

Thanks

Re: accept.js - purpose

blackbeltdev — Fri, 12 Aug 2016 16:02:44 GMT

You beat me to the punch! Thanks!

Re: accept.js - purpose

swensor — Fri, 18 Nov 2016 17:56:31 GMT

Any idea if the non-global function feature has been added yet? Where can I see a changelog for the new API or accept.js specifically? @brianmc @RichardH any info ? thx in advance

Re: accept.js - purpose

jdking — Mon, 21 Nov 2016 16:30:52 GMT

I keep seeing mention of "Nonce", what is that value and where do I get it?

Re: accept.js - purpose

swensor — Tue, 22 Nov 2016 21:29:41 GMT

It's in the response data returned from an Accept.js submission. The data returned is a JSON object and the nonce can be found at response.opaqueData.dataValue. Note: response is what I named my object, but it's whatever you name the argument in these functions, taken from the API feature page:

function sendPaymentDataToAnet() {
	var secureData = {}, authData = {}, cardData = {};
	
	cardData.cardNumber = document.getElementById('CARDNUMBER_ID').value;
	cardData.month = document.getElementById('EXPIRY_MONTH_ID').value;
	cardData.year = document.getElementById('EXPIRY_YEAR_ID').value;
	secureData.cardData = cardData;

	authData.clientKey = '6WrfHGS76gHW3v7btBCE3HuuBukej96Ztfn5R32G5ep42vne7MCWZtAucY';
	authData.apiLoginID = 'my_api_login_id';
	secureData.authData = authData;
	
	Accept.dispatchData(secureData, 'responseHandler');
}

//called by Accept.dispatchData when auth.net sends back a response
function responseHandler(response) {
    if (response.messages.resultCode === 'Error') {
        for (var i = 0; i < response.messages.message.length; i++) {
            console.log(response.messages.message[i].code + ':' + response.messages.message[i].text);
        }
    } else {
        useOpaqueData(response.opaqueData)
    }
}

Here's the feature page I lifted the code from (steps 3+4), just for reference: http://developer.authorize.net/api/reference/features/acceptjs.html

Re: accept.js - purpose

firebird — Thu, 05 Jan 2017 01:57:02 GMT

Is there a way to validate an Accept.js card nonce before we save it to a Customer Profile? Or does Accept.js do that automatically?

I'm trying to avoid saving the profile based off of the nonce, then trying to run a transaction only to find out the card is bad.

Re: accept.js - purpose

RichardH — Thu, 05 Jan 2017 16:28:58 GMT

Hello @firebird

When creating the nonce, the gateway performs some basic MOD10 on the card number, expiry check, etc. but does not validate the card.

If you use the nonce to create a customer profile and set validationMode as LiveMode, it will validate the card and only create a profile if the validation is successful.

Richard

Re: accept.js - purpose

wilogic — Mon, 30 Jan 2017 01:00:49 GMT

So it the Nonce from Accept.js reusable yet? If you save it to a customer profile can you use it to execute future transactions and/or setup recurring transactions based on that profile?

If not is there another solution using Accept.js to setup recurring payments?

Re: accept.js - purpose

RichardH — Mon, 30 Jan 2017 02:43:37 GMT

Hello @wilogic

They payment nonce can only be used once, but it can be used to create a transaction, a customer profile or to create a subscription. Accept.js allows developers to maintain control over the user experience while reducing PCI scope because sensitive card data never passes through your server.

Richard

Re: accept.js - purpose

rakeshjst123 — Mon, 31 Jul 2017 13:14:39 GMT

"They payment nonce can only be used once, but it can be used to create a transaction, a customer profile or to create a subscription."

Is it possible to do more than 1 un-equal transactions randomly using "accept.js" method?

Say a payment of $200 after 1 week, then $1000 after 1 month and finally another $2000 after 2.5 months.

Re: accept.js - purpose

RichardH — Mon, 31 Jul 2017 14:28:20 GMT

Hello @rakeshjst123

The nonce can only be used once as mentioned above. But if you create a customer profile, you can create subsequent transactions using the customer profile.

Richard

Re: accept.js - purpose

prose_la — Thu, 10 Aug 2017 23:03:27 GMT

just so i can clear... i currently make use of CIM without using accept.js.

for a new integration of this accept.js library, i get my nonce, and i can then use it to create a customer payment profile. once i have the customer payment profile i can then use that for card on file transactions similar to what i am currenty doing.

is that correct?

thanks.

Re: accept.js - purpose

Aaron — Fri, 11 Aug 2017 03:22:02 GMT

Hi @prose_la,

That's correct!