cancel
Showing results for 
Search instead for 
Did you mean: 

"Webhook" VS "Silent Post" and custom fields

Hi Everyone, not sure if this the correct place to post this question.

 

Years ago I wrote an Authorize.NET integration solution for my company.  It uses a hosted payment page, and the "Silent Post" feature.  Recently we were told by a Auth.NET representative that "Silent Post" is unreliable, and we should switch to using "Webhooks".  So I am doing that work now, but I am noticing that Webhooks doesn't send any of our custom fields, and we really needs those to figure out which product was purchased.

 

Here are some extra details to help clear up some confusion.  This is the flow of our website:

 

1) First our clients will use our Portal to search for products they want to buy.  They add them to our shopping cart, and when they are ready to pay, they press a payment button.  That button causes a HTTP POST of the following form elements to Authorize.NET:

 

<form id=auth2 name=auth2 method='post' action='https://test.authorize.net/gateway/transact.dll'>
  <input type="hidden" name="x_login" value="12345">
  <input type="hidden" name="x_amount" value="75.00">
  <input type="hidden" name="x_slot_links" value="744">
</form>

 

There are more fields, but I didn't want to clutter up this forum post, so I put only 3 fields to illustrate the issue.  The "x_login" and "x_amount" fields are standard fields, while "x_slot_links" is our own custom field which stores the ID of the exact product that was purchased.

 

2) The moment this form is posted to Authorize.NET, their Payment Page pops open for the user.  There they enter their credit card number, expiration date, etc.  We liked this solution because it was PCI compliant.  Finally they hit the submit button on that page, which causes the credit card to be charged.  Additionally due to the "Silent Post" feature, an HTTP POST sends a form of HTML back down to our server with the transaction details.  It looks similar to this (with some fields removed for sake of simplicity):

 

<form>
  <input type="hidden" name="x_response_code" value="1" />
  <input type="hidden" name="x_response_reason_text" value="This transaction has been approved." />
  <input type="hidden" name="x_trans_id" value="40009641020" />
  <input type="hidden" name="x_amount" value="75.00" />
  <input type="hidden" name="x_slot_links" value="744" />
</form>

 

You'll notice that the "x_slot_links" field is forwarded along from our original form post.  But when I swicth to using "Webhooks" I no longer get that field.  This is what I get instead:

 

{
"notificationId":"2d56136d-29ec-4920-8ab9-31c844e39939",
"eventType":"net.authorize.payment.authcapture.created",
"eventDate":"2018-01-19T22:58:42.2377846Z",
"webhookId":"5fa0613a-0038-4b10-921d-99b7673390b1",
"payload":{
   "responseCode":1,
   "authCode":"HIKLVE",
   "avsResponse":"Y",
   "authAmount":75.00,
   "entityName":"transaction",
   "id":"40009641021"
}
}

 

How can I get custom field data using Webhooks?

 

Thanks!

RobSolem
Member
17 REPLIES 17

Hi Brian,

 

Thank you for your time and response.

 

I completely understand that clients don't like to redirect away from the portal. I agree it ruins the continuity of the experience and it also complicates the communication between systems. The only reason we went this route was due to PCI compliance. Incidentally we have developed several different credit card vendor integrations. In addition to Authorize.NET we have implemented PayFlowPro, PayFlowLink, FirstData, EPX, and a couple more. Some of them are straight API implementations, and some have the Hosted payment page. We made so many because many of our clients already had accounts with the various vendors and wanted to keep them. We also have some who require a PCI compliant solution, while others perfer the direct API implementations. Our Authorize.NET solution is one that needs to be PCI compliant.

 

You mention the "Accept" suite. I have only briefly looked it over, but so far it looks pretty good. I see it has PCI compliance across the various options. Unfortunately I don't think we have time to re-develop using this system. The sad state of things is the original Authorize.NET support representative I spoke with on the phone assured me I could simply copy the "Silent Post" URL and paste it into the "Webhooks" area and it should work without any extra effort. That is what I relayed to our CTO and Director of Development to convince them to go forward with the simple changes. Well, as you know it's not that simple, and it's been taking a while to try to get this working, so it looks like we are out of time.

 

Thanks for your suggestion though -- I will bring it up in our next meeting.

 

Regards,

Rob

Hi Anurag,

 

Thank you for your time and response.

 

I looked over your links and your proposed solution.  Unfortunately it looks like I would be using the API to charge the credit card, which I can't do because we need the Hosted Payment form to do the credit card transaction.  Mainly due to PCI compliance.

 

You can read my responses to Brian and Bhavana above to get some more details about our situation.

 

Best,

Rob

Hi Rob,

 

We're working on better support model for technical questions like this when they come through our phone support so I'm sorry you were misled on this issue.  If you do decide to move over to Accept please feel free to email developer@authorize.net and ask to be connected directly with Brian (they'll know who I am :-) and I'll be happy to correspond with you directly via email and help out with any aspects of the integration or any issues you may encounter.

 

Brian 

Thank you Brian, I appreciate the support.  I will mark your post as the answer/solution.

Hi @Anurag,

Do you mean “refTransId”? That’s only there if the transaction that you’re getting details for is a linked credit, and it just lists the transId of the related transaction. 

 

Edit: Wait, I see "transRefId" there tacked on to the end. Is this new? I don't remember it being there before.

@Aaron_Actual  not sure how long back we added it but yes its returned if refId is passed in the createTransaction request . 

 

https://developer.authorize.net/api/reference/index.html#transaction-reporting-get-transaction-detai...

 

 

 

transrefId Merchant-assigned reference ID for the request.

If your request included refId, we will return the value in transrefId.




Send feedback at developer_feedback@authorize.net

Well, just goes to show I've been away too long if I'm forgetting stuff like that :)

Could this be expanded so if you pass refId within "getHostedPaymentPageRequest", it will be returned in the related transaction details?