With the recent changes to the MD5 Hash, I was testing in the Sandbox where the MD5 Hash parameter is supposed to be disabled. In testing I found that if we did ot supply either the "x_fp_hash" nor the "x_SHA2_Hash" parameters we were met with an error upon attempting to load the SIM checkout page.
The error given was
"The gateway no longer supports the requested method of integration. "
Below is the basic data format we are using is:
<form name="AuthorizeNetForm" method="post" action="https://test.authorize.net/gateway/transact.dll">
<input type="hidden" name="x_login" value="abc123"></input>
<input type="hidden" name="x_fp_sequence" value="01234567890"></input>
<input type="hidden" name="x_fp_timestamp" value="01234567890"></input>
<input type="hidden" name="x_currency_code" value="USD"></input>
<input type="hidden" name="x_test_request" value="TRUE"></input>
<input type="hidden" name="x_amount" value="4.00"></input>
<input type="hidden" name="x_show_form" value="PAYMENT_FORM"></input>
<input type="hidden" name="x_version" value="3.1"></input>
<input type="hidden" name="x_method" value="CC"></input>
<input type="hidden" name="x_type" value="AUTH_CAPTURE"></input>
<input type="hidden" name="x_relay_response" value="TRUE"></input>
<input type="hidden" name="x_relay_url" value="https://mysite.com/app?PageId=AuthorizeNetSimOrder&UserId=3000&OrderId=12345&ResultId=10...>
<input type="hidden" name="x_description" value="test description"></input>
<input type="hidden" name="x_invoice_num" value="123456"></input>
<input type="hidden" name="x_solution_id" value="AAA12345"></input>
</form>
Since the x_fp_hash parameter is being removed, is this correct that the transaction fails when no hash is supplied? It appears that the hash value is for use with validation of the return transaction. Hypothetically, if that validation is not performed, is there still a requirement to pass in a hash value in the first place?
