Search Developer Site

Authorize.Net Accept.js

Integrating the Accept.js library into your application helps minimize the work required to achieve PCI-DSS compliance because it sends payment data directly to Authorize.Net. Payment data submitted through Accept.js does not reach your server. Accept.js also provides the ease of flexibility of your own design and form.

Workflow

(1) Accept.js sends payment information directly to Authorize.Net, which returns a payment nonce (a number representing the payment information that may only be used once). (2) Your application client (for example, web application JavaScript) then posts the nonce back to your web application server along with all the other order information. (3) Your server application uses the nonce to replace the payment details in standard Authorize.Net API calls.

Accept.js contains built-in data type validation for credit card number, expiration date, and optional fields. Optional fields include card code, ZIP code, and cardholder name. While Accept.js validates the data, it doesn't do any authorization of the card number or any check to see if the zip code or card code are correct for that card. Those steps will happen later in the process when you submit the nonce as part of a transaction request.

Note: Accept.js is not available for Authorize.Net's legacy name-value pair API.

Obtaining a Public Client Key

To use Accept.js, you must generate a merchant identifier which can be safely used in client applications such as JavaScript Web applications and mobile applications. You should never use your API Transaction Key to make calls from anywhere other than a secure server environment such as ASP.NET or Rails. Because Accept.js does not initiate any transaction processing, the public client key is safe to use in applications where the code resides on a client-side device, such as a browser or mobile phone.

Step 1. Log in to the Authorize.Net merchant interface and navigate to Account > Settings > Security Settings > General Security Settings > Manage Public Client Key.

Step 2. In the area called Create New Public Client Key, enter your secret answer to the secret question and click Submit.

Step 3. Copy the public client key to your clipboard and use it in Step 3 of the next section, "Integrating Accept.js into your Website".

Integrating with Accept.js

If you currently use the Authorize.Net API to process payment transactions, the integration should be the same, with one additional step: before you POST the order/payment details to the merchant's server, you must make a call to the Accept library and pass the resulting data to your server rather than any credit card details.

See Sample Application on GitHub for a full working example.

Step 1. Include the Accept library in your page (the charset attribute "utf-8" is required):

NOTE: Make sure that the page that includes the Accept.js script is served using an HTTPS connection.

Step 2. Collect payment data in a form and intercept your form submission:

Step 3. Send the card data to Authorize.Net and receive the payment nonce in response.

Step 4. Use the returned data element in a form POST to your processing application.

Methods, Objects, and Events

dispatchData

This method sends the secure data to Authorize.Net and provides the response handler, which will receive the payment nonce.

Parameter Type Description
data SecureData This object contains the payment data to be sent to Authorize.Net.
callback function This function handles the response from Authorize.Net.

SecureData

This object contains the merchant identifier and payment data.

Property Type Description
secureData SecureData Object This object is the payment data to be sent to Authorize.Net.
authData AuthData Object This object contains the data used by Authorize.Net to identify the merchant who will eventually use the card data.

CardData

This object contains the payment data which is sent to Authorize.Net.

Property Type Description
cardNumber String Must be a valid 13-16 digit card number. Required.
month String 2-digit month. Required.
year String 2-digit year. Required.
cardCode String 3 or 4-digit card validation value (CVV). Optional.
zip String 20-character alphanumeric postal code. Optional.
fullName String 64-character alphanumeric cardholder name. Optional.

AuthData

This object contains the data used by Authorize.Net to identify the merchant who will eventually use the card data.

Property Type Description
apiLoginID String API login ID of the merchant. It can be found in the Authorize.Net Merchant Interface at Account > Settings > Security Settings > General Security Settings > API Credentials and Keys. Required.
clientKey String Public key for the merchant. It can be generated in the Authorize.Net Merchant Interface at Account > Settings > Security Settings > General Security Settings > Manage Public Client Key. Required.

Charging a Credit Card

On your server you can call the Authorize.Net API just like you would if using actual credit card information. Simply replace the credit card element with the opaque data element.

See our Sample Application on GitHub for a full working example.

For example:

Error Response Codes

Code Text Notes
I_WC_01 Successful. The request was processed successfully.
E_WC_01 Please include Accept.js library from cdn. To maintain security and take advantage of updates, source the Accept.js from the Authorize.Net servers.
E_WC_02 A HTTPS connection is required. The page on which you’re including Accept.js must be served over an HTTPS connection.
E_WC_03 Accept.js is not loaded correctly. Ensure that the Accept.js library is sourced from the Authorize.Net servers.
E_WC_04 Please provide mandatory field to library. Credit Card Number and Expiration Date are required fields.
E_WC_05 Please provide valid credit card number. Credit card numbers must pass a standard LUHN check.
E_WC_06 Please provide valid expiration month.
E_WC_07 Please provide valid expiration year.
E_WC_08 Expiration date must be in the future.
E_WC_10 Please provide valid apiloginid. The value of the apiloginid field must be same as the ID that you use to authenticate API requests.
E_WC_14 Accept.js encryption failed General error code indicating that some part of the process of transmitting the card data or encrypting the card data failed, either within the browser or at the Authorize.Net servers.
E_WC_15 Please provide valid CVV. CVV is the Card Verification Value of the credit card.
E_WC_16 Please provide valid ZIP code. Postal code is an optional field but if supplied should be no more than 20 characters.
E_WC_17 Please provide valid card holder name. Card holder name is an optional field but if supplied should be no more than 64 characters.
E_WC_18 Client key is required. The client key can be obtained at the Authorize.Net merchant interface, by navigating to Account > Settings > Security Settings > General Security Settings > Manage Public Client Key.
E_WC_19 An error occurred during processing. Please try again. Check the value of the API login. The value of the apiloginid field must be same as the ID that you use to authenticate API requests.
E_WC_21 User authentication failed due to invalid authentication values. One or more of the API login or public client key are incorrect. The value of the apiloginid field must be same as the ID that you use to authenticate API requests.The client key can be obtained at the Authorize.Net merchant interface, by navigating to Account > Settings > Security Settings > General Security Settings > Manage Public Client Key.