The PaymentProvider customization key accepts a new value, which is reflected in its updated description. The Authorize.net Accept Hosted option is used to indicate the Authorize.Net Accept Hosted payment integration method. The existing Authorize.net option will continue to use SIM until Authorize.Net officially drops support for that method.
There are two new status lines used when returning from the payment provider that cover two cases specific to Accept Hosted: when the payment process was canceled by the patron and when the payment was made but Aeon is still pending notification from the payment provider. These keys are:
Default: The payment process was canceled.
Description: The web status line that appears on the Order Approvals page when a payment process was canceled from the payment provider page.
Default: Pending payment notification from the payment processor for transaction(s) <#TRANSACTIONLIST>.<br/>Those requests will be marked as paid once notification is received, which typically happens within one minute.
Description: The web status line that appears on the Order Approvals page when a payment confirmation is still pending.
Merchant Account Configuration
There are several settings that must be configured through the Authorize.Net merchant interface. Each of these account settings is found under Account>Settings.
Create API Credentials
From settings, go to API Credentials & Keys.
Note the value provided for API Login ID. The PaymentProviderMerchantId customization key should be set to this value.
Generate a new transaction key if you don't already have one. Make sure 'New Transaction Key' is selected and submit the form. A new key will be generated and shown; set your PaymentProviderToken customization key to that value.
Return to the API Credentials & Keys page, and generate a new signature key. A new key will be generated and shown; set your PaymentProviderResponseToken customization key to this value.
From the account settings page, select Webhooks
Select Add Endpoint
Provide an appropriate name for the endpoint
Provide the endpoint URL, which should be of the form https://your.aeon.url/aeon/aeon.dll/AuthorizeNetWebHook, where your.aeon.url is the public URL for your Aeon system. This must use the secure web protocol, i.e. https. Note that this must be an unprotected web directory, i.e. one that will not redirect requests to a single sign-on login page. Generally, sites that use a single sign-on solution will also have a web directory that just uses Aeon authentication.
Under Payment Events, select the net.authorize.payment.authcapture.created and net.authorize.payment.authorization.created events.
For Aeon v5.0.73 web pages or later:
You will need to modify the default CreditCardPayment.html web page to reference include_payment_form_authorize.net_accept_hosted.html. These files can be downloaded from the Aeon Downloads page as part of the Aeon Default Web Pages. See the instructions below for the required changes:
- Open the default directory in File Explorer where your CreditCardPayment.html page is located. If you already have a complete set of v5.0.73 or later web pages, skip to step 4.
- If you have just downloaded new web pages, overwrite the CreditCardPayment.html web page with the updated file.
- Open the "templates" folder in the new web pages download, and add the "payment" subfolder to your web directory in the "templates" folder.
- Open CreditCardPayment.html and make the following changes:
Change this (default line 42):
Prior to Aeon v5.0.73 web pages:
Copy the new feature-specific CreditCardPayment.html page for Authorize.Net Accept Hosted to the Aeon web directory.
Some behavior of the Authorize.Net payment form can be configured from the CreditCardPayment.html page if you are web pages prior to Aeon v5.0.73. If you are using Aeon v5.0.73 or later web pages, these edits will be made in the include_payment_form_authorize.net_accept_hosted.html file. In the section that makes the AJAX call to aeon.dll/ajax?query=GenerateAuthorizeNetAcceptHostedToken, the "data" section contains some configurable options.
transactionNumbers: This should not be modified, as it's used to tell Aeon which requests are being paid for.
invoiceDescription: This is the description of the invoice that will be shown on the payment form. When left blank, it will default to "Payment for Aeon request(s) " followed by a comma-separated list of the transaction numbers.
returnUrl: The URL to which Authorize.Net will send the patron after receiving payment. By default, this will use the WebURL customization key as the base for constructing the appropriate URL. Generally, this should not need to be changed. The aeon.dll should receive an 'action' parameter of 30 and a 'type' parameter of 111.
cancelUrl: The URL to which Authorize.Net will send the patron after they have cancelled the payment process. By default, this will use the WebURL customization key as the base for constructing the appropriate URL. Generally, this should not need to be changed. The aeon.dll should receive an 'action' parameter of 30 and a 'type' parameter of 104.
showBillingAddress: Controls whether billing address fields are shown on the payment form. This should be either true or false, without quotes.
requireBillingAddress: Controls whether billing address fields are required to be completed on the payment form. This should be either true or false, without quotes.
showShippingAddress: Controls whether the shipping address fields are shown on the payment form. This should be either true or false, without quotes.
requireShippingAddress: Controls whether the shipping address fields are required to be completed on the payment form. This should be either true or false, without quotes.
requireCVV: Controls whether the card verification value is required (the 3-4 digit number on the back of the card). This should be either true or false, without quotes. It is strongly recommended that this should be set to true.
requireCaptcha: Controls whether solving a captcha is required. This should be either true or false, without quotes.
Workflow, Webhooks, and Pending Payments
The workflow for the Accept Hosted process differs from SIM. With SIM, the payment is confirmed as the patron is sent back to Aeon. With Accept Hosted, the confirmation process is parallel to the user being returned to Aeon. When a patron completes a payment, Authorize.Net will notify Aeon that the payment was complete through the Webhook API. When Aeon receives this confirmation, it will complete the payment and route the request to the next step in the workflow. This may happen before or after the user is returned to the Aeon webpages from the payment form. If payment has already been confirmed when the user is returned, they will be shown the SLPaymentConfirmed status line, which will include their confirmation number. Otherwise, they'll be shown the new SLPaymentPending status line. Payment confirmation to Aeon