developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

webhooks with multiple auth.net accounts-

View the SolutionThis topic has been marked as solved.

 

I have a website that I need to send payments to 2 different merchant accounts, this is based on what account the current user belongs to, example user1 sales go to store #1 Auth.net account, and user 2 sales go to store#2 auth.net account.  The order is sent with getHostedPaymentPageRequest(); at this time I know what auth.net account I am sending the payment to.  The issues comes when I register a webook

I have an endpoint listening on ....PaymentNotification\PaymentEvent and I recieve the callback however to know more about that order I need to call getTransactionDetailsRequest(), however

I dont know what store credentials I need to pass to get more details about the transaction.  I attempted to add a peramter on the webhook url(PaymentNotification\PaymentEvent?id=1) but it is invalid.  I could make a webhook callback for each store but I dont want to do this for (N) stores. How can I know who the transaction belongs to before I make the getTransactionDetailsRequest()?

 

 

 

 

 

 

1 person had this problem.
sandboxAuthNetT
Member

‎11-16-2017 01:23 PM

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

View the SolutionThis topic has been marked as solved.

Hi 

 

If you dont want to have a different webhook callback url then another workaround is to use the hash  verification to check which merchant it belongs to . 

 

The hash is sent in a custom header: X-ANET-Signature along with the webhook .

Using the signature key, the body can be hashed again using the same algorithm. The calculated hash should match the hash sent in the header. 

 

https://developer.authorize.net/api/reference/features/webhooks.html#Verifying_the_Notification

 

Hope it helps . 

 

 





Send feedback at developer_feedback@authorize.net

View solution in original post

Anurag
Moderator Moderator
Moderator

‎11-16-2017 10:30 PM

0 Kudos
3 REPLIES 3

View the SolutionThis topic has been marked as solved.

Hi 

 

If you dont want to have a different webhook callback url then another workaround is to use the hash  verification to check which merchant it belongs to . 

 

The hash is sent in a custom header: X-ANET-Signature along with the webhook .

Using the signature key, the body can be hashed again using the same algorithm. The calculated hash should match the hash sent in the header. 

 

https://developer.authorize.net/api/reference/features/webhooks.html#Verifying_the_Notification

 

Hope it helps . 

 

 





Send feedback at developer_feedback@authorize.net
Anurag
Moderator Moderator
Moderator

‎11-16-2017 10:30 PM

0 Kudos

View the SolutionThis topic has been marked as solved.

Thanks, this could work, but the downside is I need to try each one of my Signature keys and hash with the response untill I find one that matches the X-Anet-Signature.  Though I do have a small set of keys, so it should be acceptable.

  

 

 

 

 

sandboxAuthNetT
Member
In response to Anurag

‎11-17-2017 02:18 PM

0 Kudos

View the SolutionThis topic has been marked as solved.

Hi @sandboxAuthNetT,

 

Just to clarify, you can definitely have multiple listener URLs, it's just the parameter syntax (with a "?") that's not allowed. It would be perfectly fine to have a listener that's https://yourserver.com/webhooks/merchant1/PaymentEvent and a https://yourserver.com/webhooks/merchant2/PaymentEvent, for example.

 

You can use the same listener program on your end, but just have it check what path was used to call it to determine the merchant.

Aaron
All Star
In response to sandboxAuthNetT

‎11-21-2017 09:18 AM

0 Kudos
Copyright © 2025 Khoros, LLC