Add-ons and ModulesAuthorize.Net


Sana Commerce 8.3
Your provider

Configure a Test Authorize.Net Payment Module

In order to add the Authorize.Net Payment Module to a project with a test account, please undertake the following steps:

Step 1: Request the Authorize.Net test account at

Step 2: Copy the 'Sana.Commerce.Payment. AuthorizeNet.dll', 'Sana.Commerce.Payment.AuthorizeNet.pdb' and 'Sana.Commerce.Payment.AuthorizeNet.xml' files from the 'bin' folder of the Authorize.Net add-on package to the 'Frontend/bin' folder of Sana Commerce.

Step 3: Configure the Sana Commerce frontend to use the Authorize.Net payment module. This configuration is performed in the 'web.config' file of the Sana Commerce frontend:

  • Locate the 'AuthorizeNet configuration section.txt' file in the 'configuration' folder, which contains the Authorize.Net payment module configuration section;

  • Copy the whole text of this file into the <payment-configuration> section of the 'web.config' file, it will look as follows: 
<module name="Authorize.Net" type="Sana.Commerce.Payment.AuthorizeNet.AuthorizeNetPaymentModule, Sana.Commerce.Payment.AuthorizeNet">
          <clear />
          <add name="IpCheck" value="64.94.*.*|" isRequestParameter="false" />
          <add name="x_login" value="..." isRequestParameter="true" />
          <add name="x_transaction_key" value="..." isRequestParameter="false" />
          <add name="x_delim_data" value="FALSE" isRequestParameter="true" />
          <add name="x_show_form" value="PAYMENT_FORM" isRequestParameter="true" />
          <add name="x_MD5_HashKey" value="" isRequestParameter="false" />
          <add name="x_version" value="3.1" isRequestParameter="true" />
          <add name="x_test_request" value="true" isRequestParameter="true" />          
          <add name="ResponseUsePost" value="true" isRequestParameter="false" />
          <add name="PaymentPage" value="" isRequestParameter="true" />
          <add name="x_relay_response" value="TRUE" isRequestParameter="true" />

Step 4: Specify the x_login and x_transaction_key values which you have received from Authorize.Net.

Authorize.Net supports several credit card transaction types. For more information about credit card transaction types supported by Authorize.Net, see 'Credit Card Transaction Types'.

By default the credit card transaction type of the Authorize.Net payment module implemented for Sana Commerce is configured to 'Authorize and Capture', which is the most common type of credit card transaction. This type is completely automatic. But another type of transaction can be also configured. For more information see Authorize.Net developer guide 'Transaction Data Requirements'.

For example, you can configure the 'Authorization Only' transaction type which allows delayed capturing. This transaction type is required in countries where it is not allowed to capture the credit card before you ship the order or you want to review the orders before shipping goods or simply do not have an item in stock at the moment.

In order to make delayed capturing possible the 'Authorization Only' transaction type can be configured to not capture the credit card on order placement. This way instead of automatic capturing you can enter the Authorize.Net backoffice when the order is shipped and capture the credit card manually.

To configure the 'Authorization Only' transaction type in the Authorize.Net payment configuration section in the 'web.config' file of the Sana Commerce frontend add the following line:

<add name="x_type" value="AUTH_ONLY" isRequestParameter="true" />

Step 5: In the Sana Commerce frontend directory create the 'confirm' folder. In IIS set anonymous access rights on the 'confirm' folder.

Step 6: In the 'web.config' file of the Sana Commerce frontend add the following HttpHandler configuration entry to the <httpHandlers> node:

<add verb="*" path="confirm/RelayResponse.aspx" type="Sana.Commerce.Payment.AuthorizeNet.RelayResponseHttpHandler, Sana.Commerce.Payment.AuthorizeNet" />

The link to this handler is posted to Authorize.Net as a value of such parameter x_relay_url. Authorize.Net returns transaction results to the merchant using the HTML form POST in order to process Relay Response by this handler.

Make sure that URL which you use as a Relay Response URL (x_relay_url parameter) is on port 80 (or port 443 if you have an SSL certificate installed) and is publically accessible and exists within a firewall that does not prevent Authorize.Net from connecting with it.

For testing Authorize.Net payment module the web page address which is posted to Authorize.Net as a value of x_relay_url parameter must be available from outside because it will be called by Authorize.Net.

This note is for Sana Commerce 8.3 only. If you are using Sana Commerce 8.3 SP1, skip this note.

If your webshop runs on partial HTTPS and it is configured for the checkout process open the 'web.config' file of the Sana Commerce frontend, locate the 'secureWebPages' configuration section and add the following line to the <files> section:

<add path="confirm/RelayResponse.aspx" secure="Ignore"/>

In case of partial HTTPS the Relay Response URL should be also added with 'https' instead of 'http' in the Authorize.Net backoffice.

For the detailed information about configuration of partial HTTPS, see 'Partial HTTPS'.

For an explanation of the Authorize.Net configuration values, please read this chapter and the chapter 'Authorize.Net Specific Configuration Values' and the chapter 'General External Payment Method Configuration Values'.

Step 7: Configure the Authorize.Net payment methods. To do this execute the 'ConfigureAuthorizeNetInDB.sql' SQL script on the Sana Commerce database. You can find the script in the 'scripts' folder of the Authorize.Net package.

Before running the script check the value of the '@siteId' variable and change it if needed to match the appropriate website identifier and check whether the currency is correct.

The 'ConfigureAuthorizeNetInDB.sql' SQL script adds the 'Authorize.Net Credit Card' and 'Authorize.Net ECheck' payment methods.

These payment methods will be available for all countries configured in the system. No translations for the payment methods will be set by this script - this should be done manually. After the script has been executed, all fields should be checked for the correct values.

When the script has been executed, the Authorize.Net payment methods can be seen in the Sana Commerce backoffice > Settings > Payment methods. Here you can manage the payment methods: edit or remove the existing payment methods or create and configure any other payment methods. If you need to use any other payment methods that are supported by the installed payment provider you can create and configure them on the 'Payment methods' page in the Sana Commerce backoffice. For more information about management of the payment methods in the Sana Commerce backoffice, see 'Payment methods'.

The 'PSP code' value for the 'Authorize.Net Credit Card' payment method is 'CC'.
The 'PSP code' value for the 'Authorize.Net ECheck' payment method is 'ECHECK'.

Step 8: Find the 'files' folder, where the Authorize.Net payment method icons are stored. Copy the 'files' folder to 'Frontend\content\'. These icons will be displayed on the frontend in the payment method selection control.

Step 9: When all the changes are made, in the Sana Commerce backoffice click the 'Refresh site cache' button.

Step 10: Test the payment/checkout flow to see if everything works fine, using the newly configured payment methods and the correct payment statuses that are set.

Add-ons and ModulesAuthorize.Net