cancel
Showing results for 
Search instead for 
Did you mean: 

Minimum Requirements for submitting transactions using AIM

In the AIM Developer Guide, p. 13-15, transaction key is listed as required.  However below is our LIVE name/value pairs (without transaction key), that has been working for years.  My questions are 1) how has this worked?  2) Is there a recommended list of name/value pairs that are considered best practice implementation?  Thanks!

 

strPost &=

"x_Login=" & AUTHORIZELOGIN & "&"& _

 "x_ADC_Relay_Response=True" & "&"& _

 "x_ADC_Delim_Data=True" & "&"& _

 "x_ADC_URL=False" & "&"& _

 "x_Amount=" & intAmt.ToString & "&"& _

 "x_Card_Num=" & x_Card_Num.Text & "&"& _

 "x_Card_Code=" & x_CVV2_No.Text & "&"& _

 "x_Exp_Date= " & txtExpDate & "&"& _

 "x_First_Name= " & x_First_Name.Text & "&"& _

 "x_Last_Name= " & x_Last_Name.Text & "&"& _

 "x_Address=" & strAddr & " &"& _

 "x_City=" & x_City.Text & "&"& _

"x_State=" & txtState & "&"& _

"x_Zip=" & x_Zip.Text & "&"& _

 "x_Cust_ID=" & strSSN & "&"& _

 "x_invoice_num=" & "&"& _

 "x_description=" & ""

kbh
Member
1 ACCEPTED SOLUTION

Accepted Solutions

Found that if I go into the user interface, "Settings", "Password-Required Mode", and check the "Require Password for ALL transactions", I get an error message when sending only the API login ID.  Adding the Transaction Key results in an approved transaction.  We had this feature unchecked, which probably is not a good policy.

View solution in original post

3 REPLIES 3

It's theoretically possible that the transaction key is being inserted via AUTHORIZELOGIN or strPost. Have you printed out the entire post value just prior to sending it to Authorize.net to see if it's actually missing or not? Also, is there a particular reason why you're using a post string and not the API? Is your language not supported?

TJPride
Expert

TJPride:  Thank you for your reply!  I've set a breakpoint at the very point where the string goes to Authorize, there is no transaction ID in the string.  The value of AUTHORIZELOGIN is only the 9-character login id.

 

Yes I also aware of the difference between a "test account" (which posts to https://test.authorize.net/gateway/transact.dll) and a live account in "test mode" (which posts to https://secure.authorize.net/gateway/transact.dll).

 

To your point of using the API - I am using VB.NET, and am basically doing the same thing the Authorize sample code does:  1. Concatenate all name/value pairs 2. Create an HttpWebrequest object 3. Post data as a stream to Authorize.

 Am I missing something?

Found that if I go into the user interface, "Settings", "Password-Required Mode", and check the "Require Password for ALL transactions", I get an error message when sending only the API login ID.  Adding the Transaction Key results in an approved transaction.  We had this feature unchecked, which probably is not a good policy.