topic Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values. in Integration and Testing

Accept.js E_WC_17:User authentication failed due to invalid authentication values.

amazedchili — Fri, 23 Dec 2016 16:30:05 GMT

I'm having a little trouble interpreting an error message i'm recieving while trying to implement Accept.js to replace our current Direct Post functionality on a Magento store.

E_WC_17:User authentication failed due to invalid authentication values.

Looking up this error on https://developer.authorize.net/api/reference/features/acceptjs.html

E_WC_17

Please provide valid card holder name.

I've tried implementing the optional fields according to:

Property Type Description

cardNumber	String	Must be a valid 13-16 digit card number. Required.
month	String	2-digit month. Required.
year	String	2-digit year. Required.
cardCode	String	3 or 4-digit card validation value (CVV). Optional.
zip	String	20-character alphanumeric postal code. Optional.
fullName	String	64-character alphanumeric cardholder name. Optional.

Still no luck, i've verified the Client Key, generated a new one as well. The API Login is correct as well. I'm also using the testing JS "https://jstest.authorize.net/v1/Accept.js"

Any idea what this error really means?

Thanks!

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Tue, 27 Dec 2016 19:27:09 GMT

Hi @amazedchili,

In my experience, the E_WC_17 error is always because of a problem with the authorization credentials (the API Login ID or the Public Client Key). I don't know why the error codes in that documentation would steer you so wrong, but I'll look into that ASAP.

For further troubleshooting, re-verify the Public Client Key and the API Login ID. I know you said you've already reissued the client key, but double or triple-check everything to be sure.

The other common gotcha is to make sure that you're using your test credentials if you're calling the test script. Since you're calling the test script that runs in the sandbox environment, you have to have a sandbox account with it's own credentials. Live credentials won't work on sandbox or vice versa. When you're managing or reissuing the public client key, make sure you're logged in to https://sandbox.authorize.net.

Let us know how that goes!

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

jenlampton — Wed, 15 Feb 2017 04:27:24 GMT

I'm having the same exact problem. The error message I'm seeing is

E_WC_17:User authentication failed due to invalid authentication values.

The code, E_WC_17, as the documentation claims, is for "Please provide valid card holder name." but the message that accompanies it is related to authentication.

I've also tried regenerating my sandbox transaction key, with no change in response.

I wonder, do we need to be setting some client-side equivilent of x_test_request to test in order to use the sandbox accounts?

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Wed, 15 Feb 2017 16:42:44 GMT

Hi @jenlampton,

There are some known issues with getting the right code at the right time for some of the error reporting in Accept.js, but those should be fixed soon. In the meantime, if the text you're receiving states an authentication error, it's likely that your issue is indeed related to authentication.

There's no test transaction flag that needs to be sent to use Accept.js in the sandbox. The only thing you need to do is load the script from the test location (https://jstest.authorize.net/v1/Accept.js).

The important thing to remember, though, is that you're not using your regular sandbox transaction key to use Accept.js. If that's what you're trying with Accept.js, that would explain the error.

Any credentials you use for Accept.js will be exposed in the browser, so we have you use a special client key that's only for Accept. That way, someone taking your credentials out of the browser would only be able to use them to generate card tokens, not for any transaction processing or anything like that.

We call his special client key the "public client key". If you haven't already, go back to the documentation and read through the section "Obtaining a Public Client Key". That will walk you through the steps of generating a public client key to use with Accept.js.

Hope that helps!

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

jenlampton — Mon, 20 Feb 2017 23:21:17 GMT

Thanks Aaron, I think that was it! For some reason I had assumed the public client key and the transaction key were the same thing, but the documentation is very clear. I've generated a new public client key for the sandbox account and I'm not getting the error anymore. Thank you!

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Tue, 21 Feb 2017 17:03:37 GMT

No problem @jenlampton. The documentation is clear, but only if you already know those are two different things. A few people are still getting caught by that, though, so I'm trying to find ways to make it even more clear.

Thanks for the feedback!

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

leehinde — Thu, 13 Jul 2017 17:58:14 GMT

I came across this thread because I'm having this problem in production. Within the course of an hour, without making any changes to the client credentials, I'm getting successful transactions and transactions rejected for this reason.

Any pointers appreciated.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Thu, 13 Jul 2017 18:01:47 GMT

Hi @leehinde,

If that's happening in production, we'd need to have someone look into it, maybe analyzing logs and error reports on our side. Could you open up a ticket with our support team?

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

leehinde — Thu, 13 Jul 2017 19:49:35 GMT

HI;

Is that the developer@ email, or do I have the client initiate from within their portal?

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Thu, 13 Jul 2017 20:03:57 GMT

Hi @leehinde,

The developer@ email is for general developer questions (kind of like this forum). For an issue with a production system like this, you'll need an actual ticket that can be tracked and escalated and such.

Easiest way to open that might be to call our support department at (877) 447-3938 and provide the merchant info. There's also an ability to open an e-ticket from within the merchant interface.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

leehinde — Fri, 14 Jul 2017 21:46:26 GMT

Hi @Aaron,

Per your suggestion, I opened a ticket and their initial response is the same as the original post in this thread - i.e, the wrong card holder name.

I replied with a link to this thread, so hopefully we can at least agree on the issue.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

leehinde — Tue, 01 Aug 2017 21:38:45 GMT

@Aaron Two weeks ago I submitted a ticket as advised. (1-425378731)

Zero help ensued. After two weeks with no help I reverted back to the old system. I explained that:

I've discontinued use of Accept.js pending active engagement by your 'internal technicians'.

But they closed the ticket.

I understand why you'd suggest handing off to 'real' support for production issues, but at least folks here are engaged.

I'm totally open to the likelihood that the failure is on me, but without any feedback from Anet, I don't have a way to debug it with the current error.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Wed, 02 Aug 2017 17:31:38 GMT

Hi @leehinde,

That's really unfortunate and I'm really sorry about that. I've escalated your feedback through the support department so that hopefully improvements can be made there.

Backing up a bit, here's what we know:

You coded a solution with Accept.js
This solution would work sometimes and fail sometimes, with no change on your side
When it did fail, you got the code E_WC_17, but text relating to authentication ("User authentication failed due to invalid authentication values")

In my experience, I can take a perfectly working Accept.js page, change the client key to something invalid, and get the same thing (E_WC_17, but with error text relating to authentication). There are known bugs with Accept.js and error handling, so Accept.js is likely throwing the authentication error, but not updating the error code correctly and reporting the wrong code.

This situation is 100% reproducible for me, and then 100% fixable by just providing the correct client key.

Now, in your case, you say it works some of the time and fails some of the time. That points to the client key not necessarily being wrong, but maybe not working or not being recognized some of the time. That's an issue that somebody would have to look at on the production side, and I'm sorry they dropped the ball on that.

I'm reaching out to try to reopen this ticket and get to the bottom of it so that we can see what's going on. It's important to me to at least understand all of the failure modes until we can roll out the error handling fixes. Would you be willing to do a little more testing and see if you're still experiencing this error? Additionally, would you be willing to send me your page code (with the client key and api login still embedded or included) so that I can try to run the same scripts from my end and just see if there's any difference? Please send to aawright@authorize.net.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

leehinde — Wed, 02 Aug 2017 17:29:47 GMT

I'm posting back to my system every use of credentials with each use of Accept.js. I tested for the possibility I wasn't loading correctly.

They come from one source and are the same (correct) for successful and unsuccessful transactions.

I'll make sure the ticket gets re-opened.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Wed, 02 Aug 2017 18:10:58 GMT

Is there somewhere we can see your code running in a browser? Can you either send your code to us, or point us to the website where your code is running so that we can see it ourselves? This may be crucial to troubleshoot this.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

leehinde — Thu, 03 Aug 2017 22:27:18 GMT

@Aaron, I'd be happy to do that. But, like I said, I switched back because there hadn't been any engaegment. They (those people over there. :-)) reopened the ticket, but there's been no activity since.

I've talkd to my client and once we know someone's looking he's ok with me switching back to the accept.js process and then I'd be happy to get you in.

It also occurred to me I'd seen reports here where posts using json (which I'm using) need to be in a certain order. This is consistent with my experience. I was just thinking of switching to xml to see if that works better.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Thu, 03 Aug 2017 22:55:07 GMT

Hi @leehinde,

Since you're getting the error in the Accept.js step, JSON vs XML shouldn't even be an issue at that point. Your API request for the transaction doesn't even happen until the Accept payment nonce/token has been successfully received.

Getting us access to hit your system and to create our own failures will be crucial in troubleshooting for a few reasons.

It's intermittent
It's not widespread. We don't have any other merchants (that we know about) experiencing intermittent Accept.js authentication failures.
Since it's an authentication failure, we're not logging it associated with a particular merchant (since authentication failed meaning we never correctly identified who the merchant was associated with that request)

We do log the failures on our end, but it will require us to know exactly when the failures occurred so that we can correlate a failure coming from you with a failure entry in our log. So, the sooner we can get access to bang on your implementation, the better. Let me know (directly by email if you want) whenever it's available, and I'll alert the (multiple) people who've been investigating this.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

leehinde — Thu, 03 Aug 2017 23:20:11 GMT

I've got an email ready. I'm waiting for my customer to create/provide a test account for you to log in with.

Thanks for your help.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

NexusSoftware — Mon, 07 Aug 2017 08:43:44 GMT

Hi @Aaron,

In AcceptCore.js, both sandbox and production versions, E_WC_17 has the message text: "Please provide valid card holder name."

    var a = {
                E_WC_01: "Please include Accept.js library from cdn.",
                E_WC_02: "A HTTPS connection is required.",
                E_WC_03: "Accept.js is not loaded correctly.",
                E_WC_04: "Please provide mandatory field to library.",
                E_WC_05: "Please provide valid credit card number.",
                E_WC_06: "Please provide valid expiration month.",
                E_WC_07: "Please provide valid expiration year.",
                E_WC_08: "Expiration date must be in the future.",
                E_WC_09: "Fingerprint hash should not be blank.",
                E_WC_10: "Please provide valid apiloginid.",
                E_WC_11: "Please provide valid timestamp in utc.",
                E_WC_12: "Sequence attribute should not be blank.",
                E_WC_13: "Invalid Fingerprint.",
                E_WC_14: "Accept.js encryption failed.",
                E_WC_15: "Please provide valid CVV.",
                E_WC_16: "Please provide valid Zip code.",
                E_WC_17: "Please provide valid card holder name.",
                E_WC_18: "Client key is required."
            };
            return {
                messageInfo: a
            }

Because of the function below, E_WC_17 is returned in the case of API response error code E00007:

function n(a, b) {
        try {
            var c = JSON.parse(a.responseText);
            if (void 0 !== c.messages.resultCode && void 0 !== c.messages.message && c.messages.message.length >= 1) {
                for (var d in c.messages.message) switch (c.messages.message[d].code) {
                    case "I00001":
                        c.messages.message[d].code = "I_WC_01";
                        break;
                    case "E00001":
                        c.messages.message[d].code = "E_WC_15";
                        break;
                    case "E00003":
                        c.messages.message[d].code = "E_WC_16";
                        break;
                    case "E00007":
                        c.messages.message[d].code = "E_WC_17";
                        break;
                    case "E00096":
                        c.messages.message[d].code = "E_WC_13"
                }

The following message is coming directly from the API and getting the wrong E_WC error code inserted from AcceptCore.js:

User authentication failed due to invalid authentication values.

By the way, it looks like the only API response case to E_WC error that is mapped correctly is Code: E00096, "Finger Print value is not valid".

Code: I00001
Successful.

Code: E00001
An error occurred during processing. Please try again.

Code: E00003
An error occurred while parsing the XML request.

Code: E00096
Finger Print value is not valid. // Yay, we have a match.

Oh, snap is right, I just read your comments about known error handling issues and rolling out some changes, and here I was thinking I made a discovery. Though, some of these modifications could made in minutes and would go a long way in terms of robustness and being able to diagnose issues in the interim.

In practice, many of these issues may not be experienced, because they get trapped and return the correct message before processTransaction is called with the following:

 function responseHandler(response) {
        if (response.messages.resultCode === "Error") {
            for (var i = 0; i < response.messages.message.length; i++) {
                console.log(response.messages.message[i].code + ": " + response.messages.message[i].text);
document.getElementById("result").innerHTML = response.messages.message[i].text;
           }
           // alert("Error!")
                } else {
            console.log(response.opaqueData.dataDescriptor);
            console.log(response.opaqueData.dataValue);
            processTransaction(response.opaqueData);

        }
    }

However, AcceptCore is only doing limited error checking when it comes to Authentication values.

Re: Accept.js E_WC_17:User authentication failed due to invalid authentication values.

Aaron — Mon, 07 Aug 2017 16:19:31 GMT

<sigh>

The error handling fixes, as simple as they may be, are still not yet released because they're tied up with another release. The good news is that the other release brings oft requested features, and is actually on track to show up soon. I don't want to make any more promises beyond that until we get closer, but I'm optimistic that this can finally get fixed.

But, you're right. Once you dig through the code and see the nature of the error, "Oh snap" is right. I'll gladly take any flogging here on behalf of the whole team.