Showing results for 
Search instead for 
Did you mean: 

Direct Post Method for CIM??

Is there a reason why no direct-post method exists for the CIM service? I'd prefer not to use an hosted form.


While there is no direct analogue to Direct Post Method for CIM, we have designed our hosted CIM forms so that they can be easily inserted into a page of your own design. This brings you most of the advantages of DPM without sacrificing any of the flexibility given to your cusotmers to view and update their own payment profiles. I can certainly pass it on to our developers that you would like to see something more like DPM for use with CIM, but it simply isn't something that we are planning at this time.

Administrator Administrator

I suppose my main concern is just how much control we have over the forms that you display on our site. It's not clear from the documentation.
From the documentation:

Enter the URL for the page the customer returns to  when the hosted session ends. Do not pass this  setting for iframes or popups.  The return URL is validated to verify that it begins with  http:// or https://.

Enter the text to display on the button that returns the  customer to your website. The value can be any text  up to 200 characters. If you do not pass this  parameter, the default button text is Continue. Do not  pass this setting for iframes or popups. 

Enter true or false. Must be false for iframes or  popups, and must be true for redirects. 

Enter a hex color string such as #e0e0e0. The  background color of the section headers changes  from gray to a custom color. 

Enter the URL to a page that can communicate with  the merchant’s main page using javascript. This  enables you to dynamically change the size of the  popup so there are no scroll bars. This parameter is  required only for iframe or lightbox applications.


Hosted CIM is fairly stark and unobtrusive, from what I can see in the screenshots, so I wouldn't think it would be difficult to make it look good as part of your site.

I'm more concerned about the content of the forms as opposed to the look-and-feel. Suppose, for instance, that the form asks for information the customer has already entered elsewhere on our site. The redundancy could be confusing. Can I control what fields are shown? Can I prepopulate them with data if I already have it?

You can link profiles created through regular CIM calls, which means you can initialize some of the fields - all if you include credit card data. But you can't pass data directly to hosted CIM forms. As for choosing fields, you can do this globally through your account control panel, just not for individual forms. I've copied and pasted from my control panel, these have checkboxes next to them for View, Edit, Required.


Payment Information
	Recurring Billing Transaction 			
	Card Code 			
Order Information
	Invoice No 			
Customer Billing Information
	First Name 			
	Last Name 			
	Zip Code 			
	Customer ID 			
	Customer Type 			
	Customer TaxID/SSN 			
	Drivers License Number 			
	Drivers License State 			
	Drivers License Date of Birth 			
Shipping Information
	First Name 			
	Last Name 			
	Zip Code 			
Additional Information
	Tax Exempt 			
	PO Number 			
Security Code
	This security feature helps to prevent unauthorized access to or abuse of your Payment Form by automated Internet Web programs. When this feature is enabled, the customer is required to enter a security code from a randomly generated image embedded in the Payment Form to continue with their order.
	Require the Security Code feature on the Payment Form.
Shipping and Return Policies
	Include a link to your shipping and return policies page on your Web site on the Payment Form.
	Shipping and Return Policy URL: 


Part of the problem is I'm not finding any documentation on the account control panel, so it's not clear what all I can control. Based on what I'm reading in the API docs and in what you say, it sounds like the following is possible:


  1. Create a customer profile via the API with any pertinent information I already have.
  2. Present the user with a hosted CIM form requesting only credit card data, which will be added to their profile.
  3. Transact against that profile.

Is this correct?

More or less, assuming it lets you create the profile without including at least one billing profile. Other people have tried doing this as well and has some problems, though I'm not entirely sure whether it was their implementation or They were using XML rather than the API on top of it, gives a lot more scope for error.

According to the API docs, payment profiles are optional in the createCustomerProfileRequest function. So it should work.

Billing profiles are optional, but at least one person recently claimed they couldn't put contact info into a profile without also including credit card information. Don't know if that's true or not, experiment and let us know.