Showing results for 
Search instead for 
Did you mean: 

Iframe or Hosted Redirect - invalid or missing token

Hello all,


I'm very happy there's such a great developer's community here!

I'm implementing the CIM solution. I've spent a few days going over the sample code and felt that I understood the big picture. I've been able to send an XML request for a profile ID - successfully - and a subsequent XML request for a token apparently successfully; I get a token that looks similar to this (all this output being echoed in the browser window: 5qUQDuuBL4deq6N7W3DBBuSEsA9oPZOY91S6f76p/wS1EU2v8EPQks8kC78FV1qkML3MuWzMO/Cl6b5Fq4hDlcXkG1hb3JC3lbrRgTdPHBRGZf2GQ6tiAqa8TfPkYvap8voN922BncMgP/++pmqtIeVPA3GV9UDmUCHckEcYnha3ytdzvEhZxskcB6/KKen0


I've got a form named "tokenform" which has a hidden field with the token in it, and targets the iframe name. The iframe opens up and displays a message "Powered by" & "Missing or invalid token."

Here's the section of code I think is having an issue:



<form name="tokenform" target="authnetpopup">
<input type="hidden" name="tokenfield" value=<?php echo htmlspecialchars($token); ?> />

<iframe id="authnetpopup" name="authnetpopup" src=""></iframe>



If someone could point out what must be the obvious, I'd be eternally grateful!


Thanks so much. Looking forward to your assistance!





I suppose I could try it. It seemed like there was quite a bit of extra fluff in it and I just wanted to strip it down to the basics. But at this point I'm willing to give anything a try. I'll post back later :) Thanks for all the suggestions.

Now that I'm awake. the problem is that the <form /> is not posting anything, it doesn't have a button, there is no javascript that post the form. So basically, you are just try to open on a iframe which will fail because it not getting any token. Download the sample code and see how it work and change it to work with php.

It had to be the button since as far as I could see, the js file simply managed the behavior of the popup. However, since I do like the way it makes the popup look I might just keep it. However I'm now getting a new error message: CIM is not enabled, but I'm using the sandbox and everything should be enabled, am I right? At least I'm getting a different error message! I'll doublecheck the API login info.

There is a line in the examplePage.html

// Uncomment this line to use instead of
//AuthorizeNetPopup.options.useTestEnvironment = true;

For some reason it just wasn't working in the sandbox, with or without the test account enabled. I did use the "real" account credentials and that worked just fine. Thanks for working with me on this!!