topic Re: “Payment Profile ID is not allowed” error with hosted payment profile request in Integration and Testing

“Payment Profile ID is not allowed” error with hosted payment profile request

BlueBirdARS1 — Thu, 09 Aug 2018 13:49:27 GMT

I am developing a new integration. Trying to provide a link on our site for our customers to enter their payment info.   I am using the “redirect” method to display the page for the user to enter the card data. When I submit the form, I get a “Payment Profile ID is not allowed” response.

Attached is a log of the requests/responses for createCustomerProfileRequest, getHostedProfilePageRequest and redirect. Can you tell me what I am doing wrong?

createCustomerProfileRequest request:

POST https://apitest.authorize.net/xml/v1/request.api HTTP/1.0
Content-Type: text/xml
Content-Length:413

<?xml version="1.0"?>
<createCustomerProfileRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
<merchantAuthentication>
    <name>7HK2nqn5cb2r</name>
    <transactionKey>**</transactionKey>
</merchantAuthentication>
<profile>
    <merchantCustomerId>565</merchantCustomerId>
    <description>441 AUTO RENTAL</description>
    <email></email>
</profile>
</createCustomerProfileRequest>

createCustomerProfileRequest response:

HTTP/1.0 200 OK
Cache-Control: private
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-requested-with,cache-control,content-type,origin,method,SOAPAction
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT,OPTIONS,POST,GET
X-Cnection: close
Content-Length: 507
Date: Tue, 07 Aug 2018 22:01:24 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?><createCustomerProfileResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd"><messages><resultCode>Ok</resultCode><message><code>I00001</code><text>Successful.</text></message></messages><customerProfileId>1914998217</customerProfileId><customerPaymentProfileIdList /><customerShippingAddressIdList /><validationDirectResponseList /></createCustomerProfileResponse>

************************************************************

getHostedProfilePageRequest request:

POST https://apitest.authorize.net/xml/v1/request.api HTTP/1.0
Content-Type: text/xml
Content-Length:992

<?xml version="1.0"?>
<getHostedProfilePageRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
<merchantAuthentication>
    <name>7HK2nqn5cb2r</name>
    <transactionKey>**</transactionKey>
</merchantAuthentication>
<customerProfileId>1914998217</customerProfileId>
<hostedProfileSettings>
    <setting>
      <settingName>hostedProfileReturnUrl</settingName>
      <settingValue>https://helpdesk.barsnet.com/scripts/callsys.wsc/login.html?CustID=565</settingValue>
    </setting>
    <setting>
      <settingName>hostedProfileReturnUrlText</settingName>
      <settingValue>Click to complete registration</settingValue>
    </setting>
    <setting>
      <settingName>hostedProfilePageBorderVisible</settingName>
      <settingValue>true</settingValue>
    </setting>
    <setting>
      <settingName>hostedProfileBillingAddressRequired</settingName>
      <settingValue>true</settingValue>
    </setting>
</hostedProfileSettings>
</getHostedProfilePageRequest>

getHostedProfilePageRequest response:

HTTP/1.0 200 OK
Cache-Control: private
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-requested-with,cache-control,content-type,origin,method,SOAPAction
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT,OPTIONS,POST,GET
X-Cnection: close
Content-Length: 899
Date: Tue, 07 Aug 2018 22:01:27 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?><getHostedProfilePageResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd"><messages><resultCode>Ok</resultCode><message><code>I00001</code><text>Successful.</text></message></messages><token>eGtsUl791jH49TMwGTzUKtvZmd4q6vzhtrqj+EFU/BuR9ZW36q3IGeU51P6OGixpL8p8u8ynu5MaZR8Extp+tXmYQMMzZxLOYJmNDws3v2Kzn0yKEkmWLrFkTquzcoo3ZWOEmlqNj3IQYQwp0IxQXo1TiVeEb1izPIAk9xGv87WKXQJPn2NSJQDwpj9wchGo1EhX8jvnDcS8csV30nwNQe0pBgjrJ4GA1TSoF413WWCljVx7cGO2AYKku4NY0Hn06RWE+BXqXYBpF79O+OlJcu0SRcG6tl2b8AY29Aq1oY8n0MHZAzq7B82/cmo6gvhDTAgcId9+RZCqtNqeq+ZZd7iS039BzTT3ihhBXYF9E/YeKyAt6gdBbSAsM1aZckOnBdWYBP5i2EVNrem9a0LhkJLqM8MxAca30ZTTTUl9kiKFB/RPM5hSVX1eU3MXV4q4MQu+4zsiSzrA4H1cPo6CLoRD0K4tD7vNa1GNneDuwFG3qOMCT84qf/5lET1ne8fU.7HK2nqn5cb2r</token></getHostedProfilePageResponse>

************************************************************

Form submission request (with paymentProfileId and token):

POST https://test.authorize.net/customer/addPayment HTTP/1.1
Host: test.authorize.net
Connection: keep-alive
Content-Length: 583
Cache-Control: max-age=0
Origin: http://127.0.0.1
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://127.0.0.1/scripts/cgiip.exe/WService=Callsys/createccaccountsubmit.p
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

paymentProfileId=1914998217&token=eGtsUl791jH49TMwGTzUKtvZmd4q6vzhtrqj%2BEFU%2FBuR9ZW36q3IGeU51P6OGixpL8p8u8ynu5MaZR8Extp%2BtXmYQMMzZxLOYJmNDws3v2Kzn0yKEkmWLrFkTquzcoo3ZWOEmlqNj3IQYQwp0IxQXo1TiVeEb1izPIAk9xGv87WKXQJPn2NSJQDwpj9wchGo1EhX8jvnDcS8csV30nwNQe0pBgjrJ4GA1TSoF413WWCljVx7cGO2AYKku4NY0Hn06RWE%2BBXqXYBpF79O%2BOlJcu0SRcG6tl2b8AY29Aq1oY8n0MHZAzq7B82%2Fcmo6gvhDTAgcId9%2BRZCqtNqeq%2BZZd7iS039BzTT3ihhBXYF9E%2FYeKyAt6gdBbSAsM1aZckOnBdWYBP5i2EVNrem9a0LhkJLqM8MxAca30ZTTTUl9kiKFB%2FRPM5hSVX1eU3MXV4q4MQu%2B4zsiSzrA4H1cPo6CLoRD0K4tD7vNa1GNneDuwFG3qOMCT84qf%2F5lET1ne8fU.7HK2nqn5cb2r

Form submission response (with "Payment Profile ID is not allowed" error):

HTTP/1.1 200 OK
Cache-Control: no-cache,no-cache,no-store
Pragma: no-cache,no-cache
Content-Type: text/html; charset=utf-8
Expires: -1,0
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Date: Tue, 07 Aug 2018 22:01:29 GMT
Content-Length: 4395
Connection: keep-alive

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">

<link href="scripts/lib/bootstrap/css/bootstrap.min.css" rel="stylesheet" type="text/css">

<script src="scripts/lib/jquery.min.js"></script>
<script src="scripts/lib/angular.min.js"></script>
<script src="scripts/profile.js"></script>

<script src="scripts/lib/bootstrap/js/bootstrap.min.js"></script>

<head><title>
   Secure Information
</title>

<script src="scripts/components/paymentComponent/1_0/payment-min.js"></script>
<script src="scripts/components/addressComponent/1_0/address-min.js"></script>
<script src="scripts/components/bankAccountComponent/1_0/bankAccount-min.js"></script>

<script src="scripts/app.js"></script>



<link href="styles/editPayment.css" rel="stylesheet" type="text/css" />
<style type="text/css"></style>

<script type="text/javascript">
//<![CDATA[
var g_token = "eGtsUl791jH49TMwGTzUKtvZmd4q6vzhtrqj+EFU/BuR9ZW36q3IGeU51P6OGixpL8p8u8ynu5MaZR8Extp+tXmYQMMzZxLOYJmNDws3v2Kzn0yKEkmWLrFkTquzcoo3ZWOEmlqNj3IQYQwp0IxQXo1TiVeEb1izPIAk9xGv87WKXQJPn2NSJQDwpj9wchGo1EhX8jvnDcS8csV30nwNQe0pBgjrJ4GA1TSoF413WWCljVx7cGO2AYKku4NY0Hn06RWE+BXqXYBpF79O+OlJcu0SRcG6tl2b8AY29Aq1oY8n0MHZAzq7B82/cmo6gvhDTAgcId9+RZCqtNqeq+ZZd7iS039BzTT3ihhBXYF9E/YeKyAt6gdBbSAsM1aZckOnBdWYBP5i2EVNrem9a0LhkJLqM8MxAca30ZTTTUl9kiKFB/RPM5hSVX1eU3MXV4q4MQu+4zsiSzrA4H1cPo6CLoRD0K4tD7vNa1GNneDuwFG3qOMCT84qf/5lET1ne8fU.7HK2nqn5cb2r";
var g_inProgress = false;
var g_CustProf = {"paymentProfiles":null,"shipToList":null,"customerProfileId":"1914998217","merchantCustomerId":null,"description":null,"email":null};
var g_singleItemMode = true;
var g_billingAddressOptions = "showBillingAddress";
    var g_iframeCommunicatorUrl = "";
    var g_paymentOptions = "showAll";
function onPageLoad() {
if (false) {
    document.getElementById("spnNoScript").style.display = "none";
    var i = g_CustProf.paymentProfiles && g_CustProf.paymentProfiles.length > 0 ? 0 : 999;

}
}
//]]>
</script>

<script type="text/javascript">
var g_EcheckEnabled = false;
var g_CreditEnabled = false;
var g_AddressRequired = true;
var g_CardCodeRequired = false;
</script>
</head>
<body class="BorderVisible">
<div class="PageOuter" id="divPageOuter">
    <div id="divPopupScreen" class="PopupScreen" style="display:none;"></div>
    <div class="Page" id="divPage" ng-app="HostedProfileApp">
      <div class="PageMain" id="divPageMain" ng-controller="mainController">

<div id="MainContent_divErrorPanel" class="ErrorPanel container">
<div class="ErrorPanelMsg">
    <span id="MainContent_spnErrorMsg" class="ErrorMsg">Payment Profile ID is not allowed.</span>
</div>
<div id="divErrorPanelButtons" class="ErrorPanelButtons">
    <input id="btnCloseWindow" class="CloseButton" onclick="btnCloseWindow_onclick();" value="Close" type="button"/>
</div>
</div>


<div class="BottomLink center" id="divBottomLink" ng-show="showConfirm"><a id="lnkContinue" style="display:none;" href="https://helpdesk.barsnet.com/scripts/callsys.wsc/login.html?CustID=565" onclick="return lnkContinue_onclick();">Click to complete registration</a><button type="button" id="btnContinue" class="btn btn-default mainButtons" onclick='window.location = "https://helpdesk.barsnet.com/scripts/callsys.wsc/login.html?CustID=565";'>Click to complete registration</button></div> <div class="BottomLinkAfter"></div>

<div id="divIframeCommunicator" style="display:none; position:absolute; width:1px; height:1px; bottom:0px; right:0px; z-index:-1;"></div>
<script type="text/javascript">
//<![CDATA[
onPageLoad();
$( document ).ready(function() {
setTimeout("sendResizeWindowToMerchant()", 500);
});
//]]>
</script>

      </div>
      <div class="PageMainAfter"></div>
    </div>
</div>
</body>
</html>

Re: “Payment Profile ID is not allowed” error with hosted payment profile request

Anurag — Fri, 10 Aug 2018 05:48:35 GMT

Hi @BlueBirdARS1

For adding a new payment profile , you dont need to pass the paymentprofileID in it .

https://developer.authorize.net/api/reference/features/customer_profiles.html#Using_the_Accept_Customer_Hosted_Form

These are conditional fields .

Conditional Fields

To edit the payment profile, include a form field called paymentProfileId containing the ID of the payment profile that you want the customer to edit.
To edit the shipping address include a form field called shippingAddressId containing the ID of the shipping address profile that you want the customer to edit.

Check our sample app at https://github.com/AuthorizeNet/accept-sample-app

Thanks

Re: “Payment Profile ID is not allowed” error with hosted payment profile request

BlueBirdARS1 — Fri, 10 Aug 2018 14:20:22 GMT

Thanks Anurag,

I removed the paymentprofileID and did get the hosted payment screen. The form example in the Customer Profiles documentation showed the paymentprofileID, so I thought it was necessary.

Unfortunately, when I entered the card info into the hosted screen and submitted it, I got a "Customer Information Manager is not enabled." error. I can access the Customer Information Manager for my account and have three customers entered. I should mention that this is a sandbox account. Is there something else I need to do to enable it?

POST https://accept.authorize.net/customer/Api.ashx HTTP/1.1
Host: accept.authorize.net
Connection: keep-alive
Content-Length: 809
Accept: application/json, text/plain, */*
Origin: https://accept.authorize.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://accept.authorize.net/customer/addPayment
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

address=75019&apiFn=createPaymentProfile&cardCode=&cardNumber=4003000123456781&city=Coppell&country=United+States+of+America&expirationDate=12%2F19&firstName=Steve&lastName=Walsh&paymentMethod=cc&phoneNumber=9723214569&state=TX&token=SzEDyHUGEPfbURZvVtiQcp9HKyVqyLY0eZV8U3dfwi3iigF2jFSWPAKNanPZ3zXA2Qf%2FyXR7zMgdrdCOrAgFSCkkFAqzkKvmgRAQYKb%2FiFQ%2FIGrzuKSA0E66c1MOndZ0%2Fy%2F%2FcKneZcOYoO1nQopbiOXSdiCKdjF7OFJT%2B9h2C0iF8yr%2BwdmnpnspPBZF1jlL2CAPGEU%2FsMJXkqjzob5VvN3LH9A%2FS9%2FYJfbl%2BhxhBysdXBZjfBHvaiacTq9Vrgny8%2FRx0nl3CgJzcV1f9DNA4wmCSwq1d2m69H4r5NwireBEYtrOLqO5PPBbidkVNPNuBf9776f%2B84Tx%2FMC%2BZRavdjY987t58ozAuH%2B%2BRLBsitUaN8hNLBZpOzMEpLstKYy2k27PcfK4sSlS%2BU7JlJyNXoubRW7dTTXw3G4h9kWm4y5aKzzJmQbhIbYXAULDamJ868drwHboAaa94%2BLeNWNhRuO3isbvbKYqDq1xHzrW82YlWskIWJnmmA54wIc63K5y.7HK2nqn5cb2r&zip=75019

HTTP/1.1 200 OK
Cache-Control: private,no-cache,no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: 0
X-Content-Type-Options: nosniff
Content-Length: 654
Date: Fri, 10 Aug 2018 14:00:41 GMT
Connection: keep-alive

{"resultCode":"Error","messageCode":"E00044","messageText":"Customer Information Manager is not enabled.","token":"LmbjcxjCgjIDF/s1iFxgJ/d4xalNNO7WYrJ2c8Lu4FB/GlZ28+rsFO4myEkNHDMWkHAg7LzaDNIcd8VkSP/atdRY5S6aYCUAkUbgBomB8SFXoE08WXJqM1RBIHyCbhX3l8XwUmftDHszXV+bu9FFCyPKaqJTHjMEXOaOZ8Iy7G54kFezxopWf3k5mXZwYwrq6hr5jKkx+f9HpWKLRMQ+xc6u/7VYHPrKR49uSAKvXahkWjlNtw/w4N9ktHMExWXk0xZoArEJcqfE3EMJfCp7Fu3wMnD8tBf0s1AR7ZAuRJuDcMPvMicvv3OMlrGt/GAmp95dzh9EjTj3hiH+bEClpDGZRSoB/AFflTdho3TYfmTQYAzKU5kK40odKtLzZo9Um8ntBF1zGmbKsBwZ3GZg4R7veTp7RxaOZ+yh+Inc3pIKSyCsOd1bho0iC9/wLXCuVLLoeZnuQA5WImttjVploOlEBTfLBCpfMMfA6sHb/OO/dkTFMEDgl97uRKzyuKKw.7HK2nqn5cb2r","data":null}

Re: “Payment Profile ID is not allowed” error with hosted payment profile request

Anurag — Sun, 12 Aug 2018 00:15:14 GMT

Hi @BlueBirdARS1

Can you create a new sandbox account and try with its credentials ?

Thanks

Re: “Payment Profile ID is not allowed” error with hosted payment profile request

BlueBirdARS1 — Mon, 13 Aug 2018 22:31:01 GMT

Actually, I got it to work. I had to change https://accept.authorize.net/customer/addPayment to https://test.authorize.net/customer/addPayment as the action on the form for the sandbox environment. Thanks.