Hi,
I am having issues validating Silent Post requests for ARB. More specifically, AuthorizeNet.SIMResponse.Validate() returns false on ARB silent posts. If I do a one-time purchase then Validate() returns true and everything works fine.
I looked closer at the Silent Post request parameters and discovered that the x_MD5_Hash value is different for every ARB request.
I did some experimentation with one-time and ARB purchases. I placed 3 one-time purchases of 100.00 and 3 ARB of 100.00. Here are my sandbox credentials:
API Login: 34dH2y7U5Js7
Transaction Key: 9Ue5tb5x5Z8X92cG
MD5 Hash: 12345
When I receive the one-time purchase silent posts, all 3 had x_MD5_Hash value 9E2D473765921FEE2E03B983F338E277, which validated correctly. However, when I receive silent posts for ARB, the x_MD5_Hash values were all different: 7C498583D0E6B05E36742B0CB90D1A27, FCACD569BA57835ADBE191FB309F029A, 4891A406F90B98C837AF795D85D588E5, and none of them validated.
I was under the impression that x_MD5_Hash value depends only on API Login, Transaction Key, MD5 Hash, and purchase amount. Since they are all the same then why are ARB x_MD5_Hash values all different?
Also, can I use the AuthorizeNet.SIMResponse.Validate() API on ARB calls? If not, what is the alternative?
Thanks for your help
