24/7 Support: 800.608.6482

How To Guides

Due to Hurricane Milton, Miva’s technical support team will be operating at reduced capacity this week, which may cause delays. Miva store operations are unaffected.
Try our new AI assistant by clicking the chat icon in the lower right corner.

How To Guides

Authorize.net Accept.js

1. Overview

2. Generating A Public Client Key

3. Name Value Pair -> XML API

4. Using Authorize.net As An Emulator

5. MD5 Hash



Overview

9.13 includes a update to the Authorize.net integration to Miva. It allows customers to optionally use their latest front end API called Accept.js resulting in the credit card number never touching your Miva server, allowing merchants to complete an SAQ-A-EP for PCI compliance.

Using Accept.js, after the customer has typed in their card, it gets sent to Authorize.net which will then tokenize it and sent back a token to Miva which then gets submitted to the Miva server to authorize payment.



Authorie.net Accept.js Payment Flow



Generating A Public Client Key

Once you’ve installed 9.13, if you wish to take advantage of the additional security benefits of the new Accept.js integration you’ll need to manually generate a Public Client Key from within you authorize.net account.

  1. Log in to your Authorize.net account
  2. Navigate to Account > Settings > Security Settings > General Security Settings > Manage Public Client Key
  3. Add the Public Client Key to Miva


Authorie.net Payment Settings



Once this key has been added, Miva will automatically use it to output the correct Accept.js code during runtime so that your site leverages the new User Interface. There is no visual way to identify if your site is using the latest Accept.JS code. The easiest way to confirm it is working is to navigate to the last step of the chekout process (OPAY) and view the page source. Look for the following line:


Authorie.net JavaScript


The production URL is: https://js.authorize.net/v1/Accept.js

Note: While adding the Public Client Key is optional, it is strongly recommended for the additional security benefits you get by never having your Miva server touch the card number. If you do not add a Public Client Key, your Authorize.net integration will continue to work using the current method.



Name Value Pair -> XML API

This update also brings a backend server side change to the authorize.net integration. The previous integration used Authorize.net’s older Name/Value Pair API. As of 9.13 all requests are made using their latest XML API. This change is transparent to the merchant and customer. There is nothing "different" expect the server-side API calls.



Using Authorize.net As An Emulator

Because of the change from the NVP API to the XML API, you will no longer be able to use Authorize.net as an emulator for other gateways. If you are currently doing this, Miva will prevent you from upgrading to 9.13 until you fix the API endpoints (back to default). To signup for a new Authorize.net account please click here:

https://reseller.authorize.net/application/98549/



MD5 Hash

This field has been depreciated from the Authorize.net API and no longer exists in the module.

Looking for Developer Docs?

We have a whole section for that, including: Developer Training Series, Template Language docs, Module Development tutorials and much, much more.

Head to the Developer Section

Copyright © 1997 – 2024 Miva®, Miva Merchant®, MivaPay®, MivaCon®, Camp Miva®, Miva Connect®, Miva, Inc. All Rights Reserved.