Showing results for 
Search instead for 
Did you mean: 

How to call GetHostedProfilePage

I'm trying to implement the CIM hosted payment popup using the code sample in the file in ASP.NET C#.


There are instructions in above the form tag that says:

"Put this hidden form anywhere on your page with the token from the GetHostedProfilePage API call."


I haven't had any luck trying to figure out how to call the GetHostedProfilePage method.  I added a web reference to in my project.  I see a reference to the GetHostedProfilePage method in the web service, but am unable to call the method from code.  I've got a using reference to my Authorize.NET SOAP object.  Does someone have a code sample that has successfully implemented this in .NET?  Thanks!



We just signed up for the CIM system yesterday and I'm lost on this issue as well.


We need to use the hosted java version, and I can't figure out how to get the GetHostedProfilePage API call (or any other call) either.


The instructions say we can use the sample docs from the download area to get the hosted version working.


Other than two CSS files, the downloaded sample files include only 3 files that could potentially generate anything.

One is examplepage.html,  which is the parent page for the whole process.


The second is popup.js,  which appears to be the code used to pull up the specific thing the user wants to do, based on the button that they push on examplpage.html.  (I.E., change shipping address, add a card, etc).


The third page is IFrameCommunicator.html,  which I have no clue what it does.  It is not called into any other page that was downloaded and it does nothing at all by itself (just brings up a blank page).


I've searched for the term 'GetHostedProfilePage' across all of the available documents.  The only time it comes up is on one line in examplepage.html where it tells us we need to use it to get a token.


I've provided the information above, not to point out the obvious, but to let you know what files I actually have here.  Perhaps I'm missing something important and just don't know it.


Thanks for any assistance with this issue,







Regular Contributor

Almost forgot..


When I actually run the examplepage.html page, and press any button that appears on it, I get the following message almost instantly:


"The page has timed out. Please go back to the beginning and try again"


Below that message is a 'Close' button that doesn't work.




Same symptoms here.  We need to fill in the "Token" value on the hidden field in the sample html file.  The GetHostedProfilePageResponseType contains that token.  I instantiated a Service object and now I'm able to call GetHostedProfilePage.


// net.authorize.api is the name I assigned to the Auth.NET
// web service reference
Service webService = new net.authorize.api.Service();
webService.Url = useSandBox
? ""
: "";


In our particular case, we really need to use the Hosted API version of the CIM system.


We were 'told' that the AuthorizeNet system has versions for ColdFusion to be used to integrate the payment systems,  and the example code we could download was basically 'plug-and-play (other than changing the LoginID/TransactionID to valid numbers).

This is true for SIM,  but not for CIM.  From the looks of it,  the ColdFusion example codes worked as intended for the SIM system.  Just changed a couple lines to include valid information and we're off and running.


We've signed up for the CIM and see that it's available in  XML, C#, SOAP and Java... but no Coldfusion.


Java I can deal with, if it worked as described (basically, just changing a few lines to valid code).

XML I might be able to figure out,  if the example pages were as simple as described (same issue).


We wont be collecting any actual payment information on our server - that's what CIM is supposed to do for us.


What I need is example JAVA code that

1.)  Gives me the ability to request the blank profile be created on the CIM system when a new customer signs up.

2.)  Gives me the ability to then 'read' and store that new profile number for the customer record on our server.

3.)  Gives me the ability to pass that profile number,  an order id number and a price to the transaction server when an actual purchase is made

4.)  Gives me the ability to 'read' the results of that purchase


I don't need to send any credit card data 'to' the CIM system.  The customer will input that themselves when they get redirdcted to the CiM system on the Authorizenet server.


Getting past the first hurdle of requesting the token,  and then being able to 'read' that token so I can stick it in the appropriate field,  will probably go a long way in my figuring out how this thing works.  The rest of the calls probably work very much the same way this first call does,  so that will hopefully get us on the right track.





Regular Contributor

Seem to be getting a little closer here..


After downloading the SDK and fiddling with the code,  I've produced this:


Raw request: <?xml version="1.0" encoding="utf-8"?><createCustomerProfileRequest xmlns=""><merchantAuthentication><name>123MY_ID</name><transactionKey>456_MY_KEY</transactionKey></merchantAuthentication><profile><merchantCustomerId>12345</merchantCustomerId><description></description><email></email></profile></createCustomerProfileRequest>


 Here's what gets returned when the above code is sent:


Raw response: <?xml version="1.0" encoding="utf-8"?><ErrorResponse xmlns:xsi="" xmlns:xsd="" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd"><messages><resultCode>Error</resultCode><message><code>E00045</code><text>The root node does not reference a valid XML namespace.</text></message></messages></ErrorResponse>

The operation failed with the following errors:
[E00045] The root node does not reference a valid XML namespace.


 Looking at the PDF, there are 3 different URLs that can potentially be used for this to work.

 Developer Test:
 XML Schema:


 My account is currently active, but in 'test mode'.

 To eliminate the list,  I tried using all three of those addresses,  each coming back with a different error code.

 The one listed above is simply the one with the least errors.


 I looked up that particular error using the on-site search here and the only thing that came up was someone else who had that error, and the response to it was 'ignore it, the SDK should be working fine even though that error is on the page".

 Unfortunately,  if you look at the resulting code,  it is not 'working fine anyway'.


 The above code should have provided me with a code to use for the new CIM profile.  It does not.


 Any ideas?  (still pounding away here trying to figure this out)




After a couple hours of additional attempts,  I noticed something in the response message (above).


In one line it says: xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd


I know that in the downloaded example code,  we are supposed to change the part of that that reads "AnetAPI" to the actual server that we are intended to use for the process.

I assumed that I may have missed one somewhere,  so I swept through the code to see where it could possibly be still getting "AnetAPI", and that particular wording is nowhere to be found on any document on my system.


So..  the only logical conclusion I can come up with is that the error being caused by the "AnetAPI" reference is something at the AuthorizeNet server side of the process (nothing I have any control over).


 The only other alternative is that, on the AuthorizeNet server, there is actually a directory called AnetAPI that is being called by the code at that end (unlikely, but possible).


 Is the CIM service/system still in Beta testing or something?   With as many people posting problems about it,  I would hate to think that this is considered an active release version of the system.


 /sarcasm off


 I guess we'll just have to wait to see what the gurus can come up with.   The rest of the AuthorizeNet system is working fine, no complaints.  The CIM system needs work.





Bump! Can anyone at give us lowly users a hint about how to call this required and mysterious API?? Thanks

For anyone coming after, here is a C# function to get the token:


        public static string GetHostedSessionKey(UInt32 customerProfileID, Uri callingPage)
                //build a path to IframeCommunicator from the calling page
                string communicatorPath = String.Format("{0}://{1}:{2}", callingPage.Scheme, callingPage.Host, callingPage.Port);
                string[] segments = callingPage.Segments;
                //replace the very last entry with contentx/IframeCommunicator.html
                segments[segments.GetUpperBound(0)] = "/contentx/IframeCommunicator.html";
                foreach (string s in segments)
                    communicatorPath += s;

                string requestXML = String.Format("<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
                                                    "<getHostedProfilePageRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">" +
                                                        "<merchantAuthentication>" +
                                                            "<name>{0}</name>" +
                                                            "<transactionKey>{1}</transactionKey>" +
                                                        "</merchantAuthentication>" +
                                                        "<customerProfileId>{2}</customerProfileId>" +
                                                        "<hostedProfileSettings>" +
                                                            "<setting>" +
                                                                "<settingName>hostedProfilePageBorderVisible</settingName>" +
                                                                "<settingValue>false</settingValue>" +
                                                            "</setting>" +
                                                            "<setting>" +
                                                                "<settingName>hostedProfileIFrameCommunicatorUrl</settingName>" +
                                                                "<settingValue>{3}</settingValue>" +
                                                            "</setting>" +
                                                        "</hostedProfileSettings>" +
                                                {your merchant login ID},
                                                {your merchant transaction key},
string XMLURL = "";
                System.Net.HttpWebRequest req = (System.Net.HttpWebRequest)System.Net.HttpWebRequest.Create(XMLURL);
                req.CachePolicy = new System.Net.Cache.RequestCachePolicy(System.Net.Cache.RequestCacheLevel.NoCacheNoStore);
                req.KeepAlive = false;
                req.Timeout = 30000; //30 seconds
                req.Method = "POST";
                byte[] byte1 = null;
                System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
                byte1 = encoding.GetBytes(requestXML);
                req.ContentType = "text/xml";
                req.ContentLength = byte1.Length;
                System.IO.Stream reqStream = req.GetRequestStream();
                reqStream.Write(byte1, 0, byte1.Length);

                System.Net.WebResponse resp = req.GetResponse();
                System.IO.Stream read = resp.GetResponseStream();
                System.IO.StreamReader io = new System.IO.StreamReader(read, new System.Text.ASCIIEncoding());
                string data = io.ReadToEnd();

                //parse out value
                XmlDocument doc = new XmlDocument();
                XmlNodeList token = doc.GetElementsByTagName("token");
                return token[0].InnerText;
            catch (System.Exception ex)
                Utility.NotifyOnException(ex, String.Format("profID={0}", customerProfileID));
                return null;



Thanks a lot for C# code. I have a doubt. Once we get token, where is the placeholder in request to pass token as a request along with other information like amount, credit card expiry date etc. 


Please clarify this.


Thanks in advance