Cybersource Developer Community Cybersource Developer Community

Hello all,   We operate as a service provider, rather than a single merchant. A lot of our merchants are not too tech savvy so asking them to generate a public key (we're switching almost all merchants to Accept.JS from AIM) is like pulling teeth most of the time. Maybe when a merchant signs up a public client key is automatically generated for them or there could be an API request that generates a key for them so we can obtain the key from a 'getMerchantDetailsRequest'.   Also once again: love your service, your API is much better documented than a lot of your competitors, it's much more robust and the Accept.js library is easy to handle.   Myles ... View more

Looking for apply pay and andriod pay support. Do we have any? ... View more

A way to email a simple checkout link would be great.  I give custom quotes and it is very difficult to create a simple checkout button, then create a new page on my website then email the link to my customer, have the customer browse to my website, click the checkout  button and enter their information.    It would be much easier if I could email them the simple checkout link, then have them click the link from directly in their email and checkout. ... View more

I suggest its good if we can send parameters and enable/disable payment options (credit card/bank account) in "Get an Accept Payment Page" API request. Adding to that it would be nice if we can control credit card types (VISA/MASTER/AMEX/etc.) as well.  Then user can only pay using allowed credit card type if it is a credit card payment. ... View more

Since when you call the getCustomerProfileRequest and it will list all the payment profiles can you please add a field as to which one is the default one?   This would be extremely useful when showing a user a list of all their profiles and which one they have set as default. Otherwise it takes a lot more unecessary coding to show all the payment profiles and then have to determine which one is the default by making additional API calls. ... View more

Accepted Hosted BillTo and ShipTo Fields that are submitted through the getHostedPaymentPageRequest are discarded if the BillingAddress or ShippingAddress is not shown on the form.   In my opinion, these form fields are redundant for implementations where the customer has already entered this information and do not need to be shown again. It also jumbles and overwhelms the page. What is the benefit or purpose in discarding this information when the fields are not shown?   The address details are critical for avs matching among other things. Also, if the customer makes changes to the shipping fields, it is important that those changes sync up on my server, which is no easy task.    Please allow the BillTo and ShipTo information to pass to your system for avs processing, even if the BIlling and Shipping Fields are not shown on the Hosted Form. Thank you     ... View more

Currently, there is no easy way to get a list of transactions for a given subscription id.  To get a list of transactions for a subscription id. I load the subscription to get the customerProfileId and payentProfileId, call getTransactionListForCustomerRequest(customerProfileId, paymentProfileId), loop over the transactions returned in the response, and evaluate if transaction.subscription.id is equal to the subsciptionId I am looking for.  Furthermore, getTransactionListForCustomerRequest() uses paging, so I may need to call that API multiple times to get the collection of transactions for a subscription.   I am requesting there be a new API to get a list of transactions for a subscription id.  The new method would implement the standard paging and sorting.   See this Community Forum Discussion   Thank you for your consideration.   ... View more

Accept.Js works great!  It allows my website to capture Credit Card information without that data ever posting back to my servers.  I don't any PCI Compliance headaches.   My suggestion would be to enhance Accept.JS to also allow for ACH payments.  That is, have accept.JS allow for the capture of a Routing and Account Number.  It could look like this:   var secureData = {}, authData = {}, bankData = {}; bankData.routingNumber = document.getElementById('ROUTINGNUMBER_ID').value; bankData.accountNumber = document.getElementById('ACCOUNTNUMBER_ID').value; secureData.bankData = bankData; authData.clientKey = '6WrfHGS76gHW3v7btBCE3HuuBukej96Ztfn5R32G5ep42vne7MCWZtAucY'; authData.apiLoginID = 'my_api_login_id'; secureData.authData = authData; Accept.dispatchData(secureData, 'responseHandler'); Here's a related communit post.   https://community.developer.authorize.net/t5/Integration-and-Testing/Accept-JS-and-ACH/m-p/55887#M30714   Thank you for your consideration! ... View more

Currently there isn’t a way to create or retrieve a customer’s profile using a GUID.    It would be beneficial to use a GUID in a customer’s profile when created and retrieving the customer’s profile information.  The current API requires the customerProfileId to be known in order to get the customer’s information.  Using a GUID to get a customer’s profile information will allow easier linking from a company’s database to the payment gateway without having to know the customerProfileId.  ... View more

We are a software developer with an interface to Authorize.net's API for storing card data using Customer Information Manager and issuing transactions based on the saved payment profiles. A number of our clients separate credit card transactions by card type. To do this we need to know the card type for a payment profile saved in CIM. This information does not appear to be in your CIM documentation. Are there any plans for returning this data? ... View more

Currently, transactions flagged as suspicious and held for review by the Fraud Detection Suite can only be approved via the Merchant Interface.   It would be much more convenient if we were able to approve these held transactions via the API without requiring our admins to log into the Merchant Interface. ... View more

I need to be able to create new payment profiles on existing customer profiles at the same time as a transaction is being done, so I can skip the test transaction step. Currently, I can create new payment profiles with an authCaptureTransaction only if I also want a new customer profile. I am getting lots of complaints about the test transactions, and this would solve the problem. ... View more

Our store uses WooCommerce (WordPress) and we use Google Analytics to track our transactions. Because users leave our site to make their payment via Authorize.net, Google Analytics is unable to correctly attribute the subsequent conversions (showing as referrals from authorize.net). We've setup Analytics in Tag Manager and have enabled third party cookies (auto link domains), but without actually adding the code to the authorize.net pages, this is useless. I've seen many places where your customers ask this exact question and yet I've not seen a single workable response. Please create a way customers (or their developers) can enable and implement this tracking continuity.  ... View more

I don't think it's fair to put the status to delivered, (as @cggamer alluded to) as the request was specifically for getCustomerProfileRequest. It's nice that it was delivered for getCustomerPaymentProfileRequest but this means that you have to do multiple requests to show a customer's full profile, which I'm guessing most systems (including mine) would rather not. ... View more

There seems to be many companies that have more than a 1,000 unsettled transactions they need to review on a daily basis. Being able to pull this down programmatically is an important feature for us to evaluate/validate unsettled transactions each day. Removing the limit on the Get Unsettled Transactions API function would be a great help! Thanks, ... View more

The CIM iframe works great but lacks some display options.  For example, I use it at a newspaper where the billing and shipping info are both useful to have.  Unfortunately we cannot change the name of "Shipping" to delivery.  In the case of a newspaper, this might imply we will mail the subscription which is not the case.  It would also be nice to be able show or hide the shipping field if it wasn't needed.   The iframe should also support a responsively designed site.  It will position further down on the page by default when viewed on a mobile device. ... View more

It is unclear whether or not Authorize.net supports readers where the manufacturer is able to perform key injection of an encryption key provided by Authorize.net.   This seems like a straight-forward concept that should be documented on the mobile reader support page.  Forum posts (other than mine) indicate confusion about this issue.  Unfortunately, the support reps don't really understand the question and can only answer based on what they read from the site, so calling support does not help.   ... View more

We'd like to proactively email customers who have credit cards about to expire. It would be very helpful to have one call that would return all those customer ids with payment profile id(s) and expiration date. ... View more

As noted in the FAQ, Authorize.net waits 10 seconds to receive a response from DPM POST requests: http://developer.authorize.net/faqs/#rrcauses   It also notes that "On occasion, timeouts will occur that are outside of the control of your script or our servers. Typical reasons for these timeouts are Internet traffic, merchant server overload or malfunctions, or Internet routing issues. Depending upon your server location and what route is used to send data, it is possible that you may occasionally receive a time out message."   It appears that Authorize.net does not retry a failed POST, even if the 10 second timeout has not been reached. This was confirmed by an admin in the forums ("We currently do not retry failed posts").   I propose that this behavior be changed. If an Authorize.net POST request fails, prior to the 10 second cut-off, the POST should be retried, possibly with a short backoff (e.g., wait a second or two to reinitiate, to prevent a flood of requests).   As background, we have been using DPM successfully for a couple of years now, but we do occassionally see "timeout" errors. Crucially, it does not appear that these are actually caused by timeouts. The first thing we do in handling the response is log receipt of the request. But we see no evidence of having received the requests in our logs. Which suggests that the problem is happening outside of our network.   As it currently stands, Authorize.net's POST request could fail immediately due to some extremely transitory issue (perhaps even within their network). They would immediately receive a "connection reset by peer" error or whatever. And even though virtually none of the 10 second timeout period has been consumed, the customer receives a timeout error.   The DPM process should make more of an effort to communicate the transaction status and prevent this failure scenario.   Possibly related to this request would be additional logging facilities, so that both Authorize.net and its customers could have more insight into what exactly is occuring. IOW, it would be very helpful to have some visibility into *why* Authorize.net's POST request failed, and how long it took. It could provide much needed stats to discover how often the "timeout" problem is happening and whether these suggested changes are actually making a difference.             ... View more