The PaymentProvider customization key accepts a new value, which is reflected in its updated description. The Authorize.net Accept Hosted option is used to indicate the Authorize.Net Accept Hosted payment integration method. The existing Authorize.net option will continue to use SIM until Authorize.Net officially drops support for that method.
There are two new status lines used when returning from the payment provider that cover two cases specific to Accept Hosted: when the payment process was canceled by the patron and when the payment was made but Aeon is still pending notification from the payment provider. These keys are:
Default: The payment process was canceled.
Description: The web status line that appears on the Order Approvals page when a payment process was canceled from the payment provider page.
Default: Pending payment notification from the payment processor for transaction(s) <#TRANSACTIONLIST>.<br/>Those requests will be marked as paid once notification is received, which typically happens within one minute.
Description: The web status line that appears on the Order Approvals page when a payment confirmation is still pending.
Merchant Account Configuration
There are several settings that must be configured through the Authorize.Net merchant interface. Each of these account settings is found under Account>Settings.
Create API Credentials
From settings, go to API Credentials & Keys.
Note the value provided for API Login ID. The PaymentProviderMerchantId customization key should be set to this value.
Generate a new transaction key if you don't already have one. Make sure 'New Transaction Key' is selected and submit the form. A new key will be generated and shown; set your PaymentProviderToken customization key to that value.
Return to the API Credentials & Keys page, and generate a new signature key. A new key will be generated and shown; set your PaymentProviderResponseToken customization key to this value.
From the account settings page, select Webhooks
Select Add Endpoint
Provide an appropriate name for the endpoint
Provide the endpoint URL, which should be of the form https://your.aeon.url/aeon/aeon.dll/AuthorizeNetWebHook, where your.aeon.url is the public URL for your Aeon system. This must use the secure web protocol, i.e. https. Note that this must be an unprotected web directory, i.e. one that will not redirect requests to a single sign-on login page. Generally, sites that use a single sign-on solution will also have a web directory that just uses Aeon authentication.
Under Payment Events, select the net.authorize.payment.authcapture.created and net.authorize.payment.authorization.created events.
Copy the new feature-specific CreditCardPayment.html page for Authorize.Net Accept Hosted to the Aeon web directory. Some behavior of the Authorize.Net payment form can be configured from this page. In the section that makes the AJAX call to aeon.dll/ajax?query=GenerateAuthorizeNetAcceptHostedToken, the "data" section contains some configurable options.
transactionNumbers: This should not be modified, as it's used to tell Aeon which requests are being paid for.
invoiceDescription: This is the description of the invoice that will be shown on the payment form. When left blank, it will default to "Payment for Aeon request(s) " followed by a comma-separated list of the transaction numbers.
returnUrl: The URL to which Authorize.Net will send the patron after receiving payment. By default, this will use the WebURL customization key as the base for constructing the appropriate URL. Generally, this should not need to be changed. The aeon.dll should receive an 'action' parameter of 30 and a 'type' parameter of 111.
cancelUrl: The URL to which Authorize.Net will send the patron after they have cancelled the payment process. By default, this will use the WebURL customization key as the base for constructing the appropriate URL. Generally, this should not need to be changed. The aeon.dll should receive an 'action' parameter of 30 and a 'type' parameter of 104.
showBillingAddress: Controls whether billing address fields are shown on the payment form. This should be either true or false, without quotes.
requireBillingAddress: Controls whether billing address fields are required to be completed on the payment form. This should be either true or false, without quotes.
showShippingAddress: Controls whether the shipping address fields are shown on the payment form. This should be either true or false, without quotes.
requireShippingAddress: Controls whether the shipping address fields are required to be completed on the payment form. This should be either true or false, without quotes.
requireCVV: Controls whether the card verification value is required (the 3-4 digit number on the back of the card). This should be either true or false, without quotes. It is strongly recommended that this should be set to true.
requireCaptcha: Controls whether solving a captcha is required. This should be either true or false, without quotes.
Workflow, Webhooks, and Pending Payments
The workflow for the Accept Hosted process differs from SIM. With SIM, the payment is confirmed as the patron is sent back to Aeon. With Accept Hosted, the confirmation process is parallel to the user being returned to Aeon. When a patron completes a payment, Authorize.Net will notify Aeon that the payment was complete through the Webhook API. When Aeon receives this confirmation, it will complete the payment and route the request to the next step in the workflow. This may happen before or after the user is returned to the Aeon webpages from the payment form. If payment has already been confirmed when the user is returned, they will be shown the SLPaymentConfirmed status line, which will include their confirmation number. Otherwise, they'll be shown the new SLPaymentPending status line. Payment confirmation to Aeon