Transcription
Title PageMerchant Web Services APICustomer Information Manager (CIM)SOAP GuideDecember 2015Authorize.Net Developer Supporthttp://developer.authorize.netAuthorize.Net LLC 082007 Ver.2.0
Authorize.Net LLC (“Authorize.Net”) has made efforts to ensure the accuracy and completeness of theinformation in this document. However, Authorize.Net disclaims all representations, warranties and conditions,whether express or implied, arising by statute, operation of law, usage of trade, course of dealing or otherwise,with respect to the information contained herein. Authorize.Net assumes no liability to any party for any loss ordamage, whether direct, indirect, incidental, consequential, special or exemplary, with respect to (a) theinformation; and/or (b) the evaluation, application or use of any product or service described herein.Authorize.Net disclaims any and all representation that its products or services do not infringe upon any existingor future intellectual property rights. Authorize.Net owns and retains all right, title and interest in and to theAuthorize.Net intellectual property, including without limitation, its patents, marks, copyrights and technologyassociated with the Authorize.Net services. No title or ownership of any of the foregoing is granted or otherwisetransferred hereunder. Authorize.Net reserves the right to make changes to any information herein withoutfurther notice.Authorize.Net TrademarksAdvanced Fraud Detection Suite Authorize.Net Authorize.Net Your Gateway to IP Transactions Authorize.Net Verified Merchant Seal Automated Recurring Billing 2
CONTENTSContentsRevision HistoryChapter 16Developer IntroductionAudience For This GuideIntegration MethodsStandard API8Hosted Form8777Minimum Requirements8Payment Processors 9North American Payment Processors 9European Payment Processors 11Asia-Pacific Processors 11EVOSnap 12Accepted Authorization/Settlement CurrenciesAccepted Billing Currencies 12Accepted Card Types 12EVOSnap Supported Services 13Developer Support16Software Development KitsChapter 212Executing an API CallWeb Service Locations171818CIM Functions 19The validationMode Parameter 20Authentication 21Input Parameter for CreateCustomerProfileFromTransaction 22Input Parameters for CreateCustomerProfile 23Input Parameters for CreateCustomerPaymentProfile 30Input Parameters for CreateCustomerShippingAddress 34Input Parameters for CreateCustomerProfileTransaction 35For Authorization Only transactions 36For Authorization and Capture Transactions 40Merchant Web Services API CIM SOAP Guide December 20153
ContentsFor Capture Only Transactions 45For Prior Authorization and Capture Transactions 49For Refund Transactions 53For a Void Transaction 58Input Parameters for DeleteCustomerProfile 59Input Parameters for DeleteCustomerPaymentProfile 60Input Parameters for DeleteCustomerShippingAddress 60Input Parameters for GetCustomerProfileIds 61Input Parameters for GetCustomerProfile 61Input Parameters for GetCustomerPaymentProfile 62Input Parameters for GetCustomerShippingAddress 62Input Parameters for GetHostedProfilePage 63Input Parameters for UpdateCustomerProfile 64Input Parameters for UpdateCustomerPaymentProfile 65Input Parameters for UpdateCustomerShippingAddress 71Input Elements for UpdateSplitTenderGroup 73Input Parameters for ValidateCustomerPaymentProfile 73EVO Billing and Shipping Fields 74Chapter 3Responses76CIM Responses 77Output for CreateCustomerProfileFromTransactionResponseOutput for CreateCustomerProfileResponse 78Output for CreateCustomerPaymentProfileResponse 80Output for CreateCustomerShippingAddressResponse 81Output for CreateCustomerProfileTransactionResponse 81Output for DeleteCustomerProfileResponse 82Output for DeleteCustomerPaymentProfileResponse 82Output for DeleteCustomerShippingAddressResponse 83Output for GetCustomerProfileIdsResponse 83Output for GetCustomerProfileResponse 83Output for GetCustomerPaymentProfileResponse 87Output for GetCustomerShippingAddressResponse 91Output for GetHostedProfilePage 92Output for UpdateCustomerProfileResponse 92Output for UpdateCustomerPaymentProfileResponse 93Output for UpdateCustomerShippingAddressResponse 93Output for UpdateSplitTenderGroup 94Output for ValidateCustomerPaymentProfileResponse 94Duplicate Profile Verification 94Merchant Web Services API CIM SOAP Guide December 2015774
ContentsChapter 4Using a Hosted FormIdentifying the CustomerRetrieving a Token969696Presenting the Hosted Form 97Form Action URLs 97Conditional fields 97Displaying the FormRedirect 98iFrame 9997Guidelines for Parameter SettingsResponse Codes99102Merchant Web Services API CIM SOAP Guide December 20155
REVISIONSRevision HistoryThis table lists the changes made in the last six releases of this document:Publish DateUpdateDecember 2015This revision contains only editorial changes and no technical updates.August 2015Updated EVOSnap information in "Payment Processors," page 9.July 2015Added a section about EVOSnap to "Payment Processors," page 9.Added a new production URL to "Web Service Locations," page 18.June 2015Listed line item fields as required only if lineItem is submitted.Merchant Web Services API CIM SOAP Guide December 20156
CHAPTERDeveloper Introduction1This guide describes the Web development required to create and manage customerprofile information for the purpose of submitting transactions to the Authorize.Net PaymentGateway directly from a web site or other application using Simple Object Access Protocol(SOAP).SOAP provides a standards-based mechanism to access Web services from a wide rangeof platforms. Typically, you access Web services using a SOAP client on yourprogramming environment. The SOAP client typically generates the native objects andinterfaces based on a Web Services Description Language (WSDL) that is published byAuthorize.Net. The client application initializes the local object and invokes the method asif it is calling a local procedure. The SOAP client generates and parses the underlyingextensible markup language (XML) documents that form the basis of the SOAP protocol.The Authorize.Net Customer Information Manager (CIM) Application ProgrammingInterface (API) provides a mechanism for developers and value-added resellers (VARs) tocreate, delete, retrieve, and update customer profile information, including payment andaddress information, by directly integrating client software and the Authorize.Net PaymentGateway.Please refer to specific SOAP client documentation for details on how to use SOAP-basedWeb services.Audience For This GuideThis guide is intended for developers who are responsible for maintaining a merchant’sweb site and integrating it with the Authorize.Net Payment Gateway.Integration MethodsThe two methods for integrating payments, Standard API and Hosted API, canaccommodate a range of business needs and coding abilities.Merchant Web Services API CIM SOAP Guide December 20157
Chapter 1Developer IntroductionStandard APIYou can use the API to submit transaction information to Authorize.Net when yourcustomers enter data on your web site. When the customer enters the data, your web sitecalls the API using either XML or SOAP.The choice of XML or SOAP depends on the programming language you use. For PHPand Ruby, XML is recommended. For C# and other .NET languages, SOAP isrecommended. With Java, either will work.For information regarding requirements for using the API, see "Minimum Requirements,"page 8 below.Hosted FormFor a more secure exchange of information, a hosted form enables you to establish ahosted connection on Authorize.Net secure servers. If the merchant needs to transmitsensitive cardholder information (for example, a customer needs to change credit cardinformation or add a new payment method), you can use the hosted form option. With thehosted CIM option, credit card data never flows through your web site. You can implementthe hosted option using either XML or SOAP.You must still use the standard API (either SOAP or XML) for some operations, such ascreating a transaction. The hosted page only provides functionality for creating, updating,and deleting payment profiles and shipping addresses.For more information, refer to "Using a Hosted Form," page 96.Minimum RequirementsBefore you begin integrating an Authorize.Net Payment Gateway account, check with themerchant to make sure that the following minimum requirements have already been met. The merchant must have a merchant bank account that allows Internet transactions. The merchant must have an active Authorize.Net Card Not Present PaymentGateway account. The merchant must have signed up for the CIM service. The merchant must store account authentication data securely (for example, API loginID, transaction key).Merchant Web Services API CIM SOAP Guide December 20158
Chapter 1Developer Introduction The merchant’s web site must use HTTPS. The merchant’s web site must support secure user registration for returning users.NoteMerchants should avoid storing any type of sensitive cardholderinformation. However, if a merchant or third party must store sensitivecustomer business or payment information, they must comply with industrystandard storage requirements. See Understanding PCI Compliance.Payment ProcessorsThe merchant’s payment processor determines the card types and currencies that themerchant can support.North American Payment ProcessorsAuthorize.Net supports the following payment processors, card types, and currencies.Table 1North American Payment Processors, Accepted Card Types,and Accepted CurrenciesPayment ProcessorAccepted Card TypesChase Paymentech Tampa American ExpressUnited States Dollar (USD) Diners ClubCanadian Dollar (CAD) Discover JCB Mastercard Visa American ExpressUnited States Dollar (USD) Diners ClubCanadian Dollar (CAD) Discover JCB Mastercard Visa American Express Discover JCB Mastercard VisaElavonEVO PaymentsMerchant Web Services API CIM SOAP Guide December 2015Accepted CurrenciesUnited States Dollar (USD)9
Chapter 1Table 1Developer IntroductionNorth American Payment Processors, Accepted Card Types,and Accepted Currencies (Continued)Payment ProcessorAccepted Card TypesFirst Data Merchant Services (FDMS) Omaha,Nashville, and EFSNet American ExpressUnited States Dollar (USD) Diners ClubCanadian Dollar (CAD) Discover JCB Mastercard Visa American ExpressUnited States Dollar (USD) Diners ClubCanadian Dollar (CAD) Discover JCB Mastercard Visa American Express Diners Club Discover JCB Mastercard Visa American Express Diners Club Discover JCB Mastercard Visa American Express Diners Club Discover JCB Mastercard VisaGlobal PaymentsHeartland Payment SystemsTSYS Acquiring SolutionsWorldPay AtlantaMerchant Web Services API CIM SOAP Guide December 2015Accepted CurrenciesUnited States Dollar (USD)United States Dollar (USD)United States Dollar (USD)10
Chapter 1Developer IntroductionEuropean Payment ProcessorsAuthorize.Net supports the following European payment processors, card types, andcurrencies.Table 2European Payment Processors, Accepted Card Types,and Accepted CurrenciesPayment ProcessorAccepted Card TypesAccepted CurrenciesAIB Merchant Services MastercardBritish Pounds (GBP) VisaEuro (EUR)United States Dollar (USD)BarclaycardFirst Data Merchant Solutions (MSIP platform)HSBC Merchant Services JCBBritish Pounds (GBP) MastercardEuro (EUR) Visa Mastercard Visa MastercardBritish Pounds (GBP) VisaEuro (EUR)British Pounds (GBP)United States Dollar (USD)Lloyds Bank CardnetStreamlineBritish Pounds (GBP) Mastercard Visa JCBBritish Pounds (GBP) MastercardEuro (EUR) VisaUnited States Dollar (USD)Asia-Pacific ProcessorsAuthorize.Net supports the following Asia-Pacific payment processors for Card-NotPresent (CNP) transactions.Table 3Asia-Pacific Payment Processor, Accepted Card Types,and Accepted CurrenciesPayment ProcessorAccepted Card TypesAccepted CurrenciesFDI Australia MastercardAustralian Dollar (AUD) VisaNew Zealand Dollar (NZD)United States Dollar (USD)Westpac Mastercard VisaMerchant Web Services API CIM SOAP Guide December 2015Australian Dollar (AUD)11
Chapter 1Developer IntroductionEVOSnapThere are multiple EVOSnap processing platforms. If you use the U.S. Dollar (USD), youare assigned to EVOSnap U.S. If you use any other currencies, you are assigned toEVOSnap International.Accepted Authorization/Settlement Currencies USD—U.S. Dollar CAD—Canada Dollar CHF—Swiss Franc DKK—Danish Krone EUR—Euro GBP—British Pound NOK—Norway Krone PLN—Poland złoty (MasterCard Only) SEK—Sweden Krone ZAR—South African RandAccepted Billing Currencies USD—U.S. Dollar AUD—Australian Dollar GBP—British PoundAccepted Card Types Visa MasterCard American Express JCB Diners Club—Supported for U.S. services only.Unsupported ServicesApple Pay and soft descriptors are not supported by EVOSnap.Merchant Web Services API CIM SOAP Guide December 201512
Chapter 1Developer IntroductionEVOSnap Supported ServicesU.S. ServicesTable 4Authorize.Net Services Supported by EVOSnap U.S.ServiceE-CommerceMOTORetailTransaction TypesAuthorization onlyXXXAuthorization and capture (sale)XXXCaptureXXXVoidXXXCredit (refund)XXXAVSXXXCVV2/CVC2/CIDXXX3DSXPurchase card—level 2XXXPartial Approvals (Partial Authorization)XXXSupported card types:XXXFeatures Visa Mastercard American Express Discover JCB Diners ClubDuplication RulesEVO platform always checks for duplicate transactions based on: Same Terminal ID Same Card Number Same Dollar AmountDuplicates are flagged when they occur within an hour of each other.MagstripeTrack 2 data is supported only for card-present transactions.Level 2 SupportMerchant Web Services API CIM SOAP Guide December 201513
Chapter 1Developer IntroductionPO# is required when any level 2 data is submitted. Level 2 data includes tax, duty, andfreight information.Billing AddressWhen any billing fields are submitted, all must be submitted. First name Last name Address City State/province (only required if country is US or Canada) Country ZIP/postal codeOther Field RequirementsThe employeeId field is required; however, if a value is not passed with the field,Authorize.Net sends a default value of 0000 to the processor.Consolidated AccountsThe Consolidated Accounts feature is not supported on the EVOSnap platform. Multiplesmarket types require multiple accounts.Automated Recurring BillingMerchants using Automated Recurring Billing must be approved by their merchant serviceprovider, also known as their acquirer.Merchant Web Services API CIM SOAP Guide December 201514
Chapter 1Developer IntroductionInternational ServicesTable 5Authorize.Net Services Supported by EVOSnap InternationalServiceMOTOAuthorizeXXAuthorize and CaptureXXCaptureXXVoidXXCreditXXAVS—Visa and American Expressonly.XXCVV2/CVC2/CIDXX3DSE-CommerceXNot Supported Retail Level 2 data Soft descriptors Partial authorization Consolidated accounts (MOTO/E-Commerce)—separate accounts are required. Automated recurring billing and customer information managerCVVEVOSnap requires CVV for all international transactions. CVV must be enabled in theAuthorize.Net merchant interface’s Virtual Terminal settings.To enable CVV:Step 1Navigate to the Authorize.Net merchant interface.Step 2Choose Accounts Settings Transaction Format Settings Virtual Terminal.Step 3Check the View/Edit box for Card Code.Step 4Click Submit.Other EVOSnap ConsiderationsInternational AVS BehaviorTransactions are declined if the submitted address data does not match. Merchants canoverride this behavior on a per-transaction basis, if permitted by EVOSnap. MerchantMerchant Web Services API CIM SOAP Guide December 201515
Chapter 1Developer Introductionaccounts are configured to either use or not use AVS processing when they are boarded.If the account is configured to not use AVS processing, AVS is not performed, even if thedata is included. If the merchant account is configured to use AVS every transaction mustinclude AVS data, unless the merchant is authorized by EVOSnap to override the AVSprocessing.APICustomer code is required. If not present, customer code is populated with 0000. Countrycode must be in ISO format. For example, GBR, CHE, AUS.Error Codes RTC 350Description—EVOSnap: country must be a valid three-character value if specified.Message—country must be a valid three-character value if specified. RTC 351Description—EVOSnap: employee ID cannot be more than 6 characters in length, 4for a retail transaction.Message—employee ID must be 1 to %x characters in length.Note—the %x is replaced with a 6 for E-Commerce and MOTO transaction types and4 for retail transaction types.Billing InformationWhen any billing information is submitted, all billing fields must be provided.Developer SupportThe following resources can help you successfully integrate a merchant web site or otherapplication to the Authorize.Net Payment Gateway. The Developer Center provides sandbox accounts, sample code, FAQs, andtroubleshooting tools. Developer training videos cover a variety of topics. The developer community provides answers to questions from other Authorize.Netdevelopers. Ask us a question at our Developer Support page. Search our knowledge base for answers to commonly asked questions.To submit suggestions for improving or correcting this guide, send email todocumentation@authorize.net.Merchant Web Services API CIM SOAP Guide December 201516
Chapter 1Developer IntroductionSoftware Development KitsAuthorize.Net offers software development kits (SDKs) that present an alternate objectoriented model in several popular languages. Use the SDK to program the core paymentactivities (such as error handling and parsing, network communication, and dataencoding) that occur behind the scenes.The SDK provides utility methods to help developers build payment flows for each of theintegration methods. You can download the chant Web Services API CIM SOAP Guide December 201517
CHAPTERExecuting an API Call2The following sections describe the minimum requirements for executing an API call for managingcustomer profiles using SOAP.You can develop a request script in one of two ways: Develop a custom script yourself using the API field information provided in this document. Use Authorize.Net sample code available for free from our Developer Center at http://developer.authorize.net/samplecode.NoteIf you choose to use Authorize.Net sample code, please be aware that in orderto achieve a successful implementation, you must modify the code withdeveloper test account or the merchant’s specific payment gateway accountinformation.Web Service LocationsThe following table shows where to find the web service locations.Table 6Web Service LocationsItemLocationWeb Service URL in ce.asmxLegacy but supported Web Service URL in /Service.asmx?WSDLDo not submit transactions to an IP address. Use the URLs shown above.NoteMerchant Web Services API CIM SOAP Guide December 201518
Chapter 2NoteExecuting an API CallThe developer test URL requires the use of a developer test payment gatewayaccount. You can request a test account from our Developer Center athttp://developer.authorize.net/testaccount. Developer test accounts cannot beused to test your implementation against the production URL.CIM FunctionsThe CIM API comprises these functions: CreateCustomerProfileFromTransaction—Create a customer profile, payment profile, and shippingprofile from an existing successful transaction by referencing the transaction ID. CreateCustomerProfile—Create a new customer profile along with any customer payment profiles andcustomer shipping addresses for the customer profile. CreateCustomerPaymentProfile—Create a new customer payment profile for an existing customerprofile. CreateCustomerShippingAddress—Creat
Merchant Web Services API CIM SOAP Guide December 2015 9 Chapter 1 Developer Introduction The merchant’s web site must use HTTPS. The merchant’s web site must support secure user registration for returning users. Payment Processors The merchant’s payment processor determines the card types and c
![API Ballot: [Ballot ID] – API 510 & API 570, Deferrals, Rev05](/img/5/api510andapi570deferralsrev5.jpg)
