Showing results for 
Search instead for 
Did you mean: 

DPM - The merchant login ID or password is invalid or the account is inactive.

I keep receiving the error message "(13) The merchant login ID or password is invalid or the account is inactive.", and I'm having lots of trouble figuring out how to make things work.


I'm using DPM in a sandbox account.


I get this error message when using the example code found in step 3 of the quick start guide ( and when using my own code. Code from the quick start guide is live at


I have set and triple checked my md5 setting.


I turned off Password-Required Mode.


I have tried using both versions of the SDK available for download (1.8.1 & 1.8.0)


I tried visiting the URL below to test my login ID and transaction key. When doing this, I received a successful response, so I believe I am using the correct values for login ID and transaction value.


I am posting transactions to


I am not sending my transaction key as part of my post, but it is used in the creation of the fp_hash.


I have hit a wall. Any guidance would be greatly appreciated.


Many thanks,




Hello @droves 


Try adding the following:





Administrator Administrator

Hi Richard.


Thank you for your reply.  I added the code you suggested, both to the example code I'm trying to get to work and to my own code, but in both cases I am still seeing the same results.

I just checked my PHP version, and it's 5.3 so I meet the 5.2+ requirement for the SDK.


In case it might help, I have copied the example code I'm trying to make work below (origionally taken from  I think it would be best to focus on getthing this working, as it is simpler than my application.  I am (as of now) using SDK version 1.8.0 (as labeled in GitHub) since the file names in this release match what is used in the example code from the "15 minute" tutorial.


Since it's just a sandbox account, I left the key and md5 in place.  I can always change these later.


Code is live at


require_once 'sdk/AuthorizeNet.php'; // The SDK
$url = "";
$api_login_id = '3BUzLmm78r';
$transaction_key = '8nezT3536PY9Dfb8';
$md5_setting = 'md579kdi73ndspthHalu'; // Your MD5 Setting
$amount = "5.99";
AuthorizeNetDPM::directPostDemo($url, $api_login_id, $transaction_key, $amount, $md5_setting);

The DirectPostDemo does three diffferent things depending on the stage of the transaction:


1. It creates the payment form.

2. If it detects that a post is received, it acts as the relay response page. This means that it reads the transaction response, appends the results to a querystring and appends to a querystring and redirects again to your URL along with a query string.

3. Finally, it reads the querystring and displays the appropriate response to the customer.


Reviewing your site, it appears to be failing on Step 2.  The transactions are being attempted, and the redirect page is being reendered, but the redirect URL is invalid. Here is the html being generated:


<meta http-equiv="refresh" content="1;url=?response_code=3&response_reason_text=The+referrer%2C+relay+response+or+receipt+link+URL+is+invalid.">


The transaction failed (response_code=3), but that's not the main issue here. The main issue is that somehow the url is not being written, it is  being replaced with "1;url=". As a result of this and the way that relay response works, you are being redirected back to our API URL again and that's when you are seeing error 13.


The code that is generating this URL is pretty straight-forward, so really the only thing that I can think is that somehow the SDK has been modified. Is it possible that you have a stray keystroke in the directPostDemo method itself?



Thank you for your help and for the additional insight into what's going on.


I downloaded a fresh copy of the SDK from GetHub, and uploaded it to my webhost.  Unfortunately, this did not fix the issue, so we can rule out my having accidently modified the SDK.


HOWEVER, this jarred loose some other thoughts, and may have sent me down a path that will lead to things being fixed.


I failed to enter the URL for the example code ( into the sandbox account as a Response Relay URL.  Then, when I received the same error code from the example code as I received from my own code, I assumed that the same problem applied to both.  After entering the example code URL as a response relay URL, the example code is now working.


My main application still gives me the same error, but now at least I have some working code that I can disect to come to a better understanding of what's wrong and how to fix it.


Many thanks for your help!