We currently host about 40 copies of an application on IIS, each of which belongs to a different customer with a different Authorize.Net account. Each copy of the application has its own Application Pool, but several copies have multiple Authorize.Net accounts associated with them depending on the type of transaction. The application was originally written years ago and posts directly to the AIM method, but we are interested in upgrading to the C# DLL.
In the implmentation instructions, the code begins with:
ApiOperationBase<ANetApiRequest, ANetApiResponse>.MerchantAuthentication = new merchantAuthenticationType() { name = "API Login", ItemElementName = ItemChoiceType.transactionKey, Item = "Transaction Key", };
I believe it's the case, but I'd like to verify that setting that propery will only apply to the current application copy and current request and not change anything in a global manner, so that it's safe for us to use the DLL in the hosting situation described above, especially where one copy of the software may be making multiple concurrent transactions on different Authorize.Net accounts.
If that is not the case, is there an alternate way of providing the authentication directly with the request so that we can move to the DLL?
Thanks in advance for the help!
04-07-2017 10:21 AM - edited 04-07-2017 10:23 AM
Hi @pepper,
You can see a more complete sample in our sample code repository. In the sample code, this isn't changing things, but just getting a variable from where you want to store it. If you stored these credentials in global environment variables where they weren't unique to each application, obviously that would be a problem, but if you stored them in a constants file specific to each application, that would work. Just refernce the constants file earlier in your code.
Or, there's nothing stopping you from replacing that line with a hard coded reference like
name = "sda284has", ItemElementName = ItemChoiceType.transactionKey, Item = "9834kjh5kljhgflisdhfg98y93h4rw",
04-10-2017 05:46 PM
Hi Aaron,
Thank you very much for responding, I really appreciate the help. I may have done a bad job of explaining where I'm getting confused, so I was hoping to get some further clarification.
Specifically, I'm confused on this bit right here:
ApiOperationBase<ANetApiRequest, ANetApiResponse>.MerchantAuthentication = { credentials }
What's confusing me is that it appears to me to be setting some kind of global or environmental property, compared to posting to the AIM directly via HTTP POST where I would send the API Login and Transaction Key with each. My main concern is understanding the scope of that assignment and whether it will cause issues with concurrency.
For instance, given the hosting situation I described (approx 40 copies of the application, all with different Authorize.Net accounts, each in their own Application Pool in IIS), if multiple applications are all trying to process credit card transactions with the DLL and they're all setting that above value each time, will there be concurrency issues? Similarly, in the situation of copy of the application where our cusomter has decided to use multiple Authorize.Net accounts depending on the transaction type, will that face concurrency issues?
All that said, I think I have a solution that prevents this problem based on the documentation so I'm hoping to get your feedback on this as well. I think I can eliminate that quoted line from the code and instead create an instance of the merchantAuthenticationType class and pass that to the createTransactionRequest class like this:
merchantAuthenticationType myMAT = new merchantAuthenticationType { name = "API Login", ItemElementName = ItemChoiceType.transactionKey, Item = "Transaction Key" }; createTransactionRequest myRequest = new createTransactionRequest { transactionRequest = myTR, merchantAuthentication = myMAT };
That way, the credentials are passed directly to the specific request and no global values are changed.
I've tested it in the sandbox and it works fine, but since it's different than the official documentation, I wanted to play it safe and check with you.
Once again, thank you so much for your help!
04-10-2017 07:33 PM
Hey guys, I was just following up to see if any staff members could comment on my response. In particular, removing this:
ApiOperationBase<ANetApiRequest, ANetApiResponse>.MerchantAuthentication = { credentials }
and doing this instead:
merchantAuthenticationType myMAT = new merchantAuthenticationType { name = "API Login", ItemElementName = ItemChoiceType.transactionKey, Item = "Transaction Key" }; createTransactionRequest myRequest = new createTransactionRequest { transactionRequest = myTR, merchantAuthentication = myMAT };
in order to avoid possibly setting or changing any environment values or affecting any other simultaneous transactions in any way. Thanks for the help.
04-16-2017 11:37 AM
Hi @pepper,
I only have a few minutes, so I haven't dug into the SDK to see if there's a setter for merchantAuthentication in createTransactionRequest.
Have you tried this in sandbox and had it work? If it works there, there's no reason why this wouldn't work for you in production.
04-19-2017 03:07 PM
@pepper, what you've described is how I'm currently using it. We have multiple Authorize.Net payment gateway credentials and users choose which Auth.Net account they want to use from a dropdown, before creating the customer/payment profiles. And depending on which credentials were used, they have access to a different set of cards (since it's isolated between the different gateway accounts).
Anyhow... For each request, I can pass it a merchantAuthentication with the details I want it to use.... and it seems to be working as expected.
Good luck!
--Kevin Fairchild
04-20-2017 09:00 AM - edited 04-20-2017 09:02 AM
Thank you both very much, I really appreciate the help! Have a great rest of the week!
04-20-2017 09:12 AM