topic Re: E00114 Invalid OTS Token in Integration and Testing

E00114 Invalid OTS Token

mbruxvoort — Wed, 19 Jul 2017 20:18:18 GMT

Our site stopped accepting payments through the Accept.JS interface. The system was working until today.

Please HELP, your customer support team offered NO help and asked me to come to the community forum. What can I do to have payments come through again?

Thanks,
Mike

Re: E00114 Invalid OTS Token

mbruxvoort — Wed, 19 Jul 2017 20:36:14 GMT

The Accept.JS code appears to work if we put a debug breakpoint in our Javascript code. Is there a timing related issue with Accept.js?

Can someone PLEASE help?

Re: E00114 Invalid OTS Token

RichardH — Wed, 19 Jul 2017 21:35:21 GMT

Hello @mbruxvoort

When you say it stopped working, do you know when you noticed the gateway returning E00114?

Also, when adding a breakpoint, are you suggesting that when a breakpoint is used that after the JavaScript continues you receive a nonce?

Where is your breakpoint?

Richard

Re: E00114 Invalid OTS Token

mbruxvoort — Wed, 19 Jul 2017 21:46:51 GMT

@RichardH,

We know for sure that the code was working on July 13.

In debugging we have added a breakpoint in our Javascript code in the response callback after the nonce is received. The nonce is there and if the pause is greater that a couple of seconds it seems to work.

We have been doing further debug on the server side. Without any pause on the client side our .net server side code is receiving the nonce from the front end. When we submit that to the authorize.net api via the SDK Nuget Package version 1.9.0 it seems like the nonce has not made it to the right spot on your end. Therefore our assumption is that it is just returning invalid even though it is a nonce that we received from Accept.js.

This is on our production site and we are NOT using the sandbox mode of Authorize.net.

We have considered putting retry logic around the .net sdk submit code, but that feels very dirty.

Do you have a direct line or anything that we could contact you at?

Thanks,
Mike

Re: E00114 Invalid OTS Token

RichardH — Wed, 19 Jul 2017 21:59:15 GMT

Hello @mbruxvoort

I've escalated this to our product support specialist team. Since this is for your production account, please open an eTicket so this is properly tracked. If you can provide the ticket number, I'll update the support specialists for them to take ownership.

Richard

Re: E00114 Invalid OTS Token

RichardH — Wed, 19 Jul 2017 22:25:18 GMT

Hello @mbruxvoort

I received word back from a support specialist that this is a known issue, if you attempt to use a nonce immediately after receipt AND there are other internal conditions present at Authorize.Net. The most common cause is the data for the nonce has not completed replication between systems.

Our engineers are working on a solution, but in the mean time adding a short delay after receipt of the nonce before using it to create a transaction will improve success.

Richard

Re: E00114 Invalid OTS Token

mbruxvoort — Thu, 20 Jul 2017 01:05:32 GMT

How long is a short delay? 1 sec or more? This would be user blocking which is an Important factor.

Mike

Re: E00114 Invalid OTS Token

RichardH — Thu, 20 Jul 2017 01:33:05 GMT

I asked but did not get any specific guidance, but I think 1 second should be sufficient for most cases.

Re: E00114 Invalid OTS Token

mbruxvoort — Thu, 20 Jul 2017 12:53:20 GMT

Richard,

Any word from the team when the issue will be resolved on your end? This seems very odd that we need to add a 1 sec delay to a user facing payment process.

Thanks,
Mike

Re: E00114 Invalid OTS Token

RichardH — Thu, 20 Jul 2017 13:19:28 GMT

@mbruxvoort Unfortunately I don't have any details on a solution, but it does involve making changes across multiple systems to ensure each are operating at peak efficiency.

Richard

Re: E00114 Invalid OTS Token

douwinga — Thu, 20 Jul 2017 14:06:38 GMT

For those coming here looking for a solution, here is what we ended up doing as a workaround until this is solved on Authorize.net's end. (@mbruxvoort is my supervisor)

We ended up adding a setting in our admin dashboard for a payment delay. Then in our javascript response callback handler we just did a simple setTimeout that waits based on the payment delay setting before submitting the form.

Something like this:

setTimeout(function() {
     authorizeNetPaymentForm.submit();  
}, paymentDelay);

This is really hacky, but without much of an alternative, it is the best we can do.

After this code was in place we tried different delay lengths (1, 2, 5, 10 seconds). The only one that worked was 10 seconds. This means that we are making our users wait 10 seconds for authorize.net to replicate the nonce data. This is really unfortunate as we recently spent time making the payment process as quick as possible.

Re: E00114 Invalid OTS Token

RichardH — Thu, 20 Jul 2017 14:27:23 GMT

@douwinga @mbruxvoort

Having to wait 10 seconds is certainly too long. Did you create a support ticket with CS? If you can provide the case #, I can escalate again.

Richard

Re: E00114 Invalid OTS Token

douwinga — Thu, 20 Jul 2017 14:52:56 GMT

@RichardH

A support ticket has been created. The # is 1-426682611. Last time we messaged support we were told that we should use this thread.

I wish everyone on the customer support team at authorize.net were as helpful as you. You seem like the only person there that understands how serious this issue is.

Re: E00114 Invalid OTS Token

thsmrtone1 — Fri, 05 Oct 2018 00:38:14 GMT

It’s sad that 15 months later the solution is still “add a delay” (at least in sandbox mode). This is unacceptable authorize.net!

Re: E00114 Invalid OTS Token

douwinga — Mon, 19 Nov 2018 17:21:40 GMT

@thsmrtone1

It is unfortunate to see that you are having the same problem. I have been going through the documentation again to see if anything changed so that we can remove the delay (which by the way, the documentation does not mention the need for the delay), but it does not appear to have changed. We are now considering using Accept Hosted, which in our proof of concepts, is working very well and does not require a delay. The only issue is that we cannot change the wording and styling of the form. We mainly use authorize.net for donations and the wording on Accept Hosted is geared towards orders.

Re: E00114 Invalid OTS Token

jenlampton — Thu, 25 Apr 2019 05:02:40 GMT

I'm having the same issue: only on our production site (not on the sandbox server) and only in live mode. I've implemented the recommended delay of up to 20 seconds, but still the E00114: Invalid OTS Token error persists.

Is there still an bug that needs to be fixed on the AuthNet end?

I followed the other issue (https://community.developer.authorize.net/t5/Integration-and-Testing/Intermittent-Invalid-OTS-Token-Errors-E00114/m-p/57509#M32226) through to the 6th page, but there was never a confirmation that that bug was fixed. The issue was closed on page 2, and never re-opened even though the problem was confirmed unsolved after that.