Upgrade Guide

The items on this page represent API Implementations that are supported but no longer actively maintained or enhanced. For newer alternatives, please see below.

Using our current APIs and integration products guarantees that you will have the latest features, continual updates and improvements, and the most active community of fellow developers

For questions about migrating an existing solution, please contact Developer Support.


Understanding the Authorize.net API

If you previously integrated with the Authorize.net platform, you may be used to seeing each of our features documented as separate and distinct APIs. Within our newer documentation, you’ll find that all of our features are a part of a larger cohesive API set.


API Support Status

API Method Status Alternative Solution
AIM Deprecated Authorize.net API 
SOAP API Deprecated Authorize.net API
SIM Deprecated Accept Hosted
DPM Deprecated Accept.js
Hosted CIM End of Life Accept Customer
HTTP GET End of Life Authorize.net API
WebLink End of Life Accept Hosted


Supported - The API is fully supported and actively updated.

Deprecated - The API is now obsolete and in the process of being phased out. An alternative solution is suggested.

End of Life - The API is no longer supported and will return an error if used after specified date. Use the alternative solution.


Advanced Integration Method (AIM)

STATUS: Deprecated.

Use the methods described in Payment Transactions in the the API Reference using XML or JSON.

All of the transaction methods previously available through AIM are possible using the methods described in Payment Transactions in the the API Reference using XML or JSON. If you are using transaction methods documented as part of what we previously called our "AIM XML" API, these transaction methods have been incorporated into our current broader Authorize.net API. These transaction requests can continue to be used as is.

If you are using our legacy AIM Name Value Pair (NVP) method, you're posting your transaction requests to a URL ending in "transact.dll", and the form field names begin with "x_". These types of transaction requests can be brought current by recreating them using the methods described in Payment Transactions in the the API Reference using XML or JSON.

If you are using our legacy AIM Name Value Pair (NVP) method and need to troubleshoot existing code, you may find it helpful to refer to the existing AIM NVP documentation:

AIM NVP Guide (PDF)PayPal AIM NVP Guide (PDF)   



STATUS: Deprecated. 

The Authorize.net API includes all of the SOAP API functionality plus additional features such as Authorize.net Accept, creating one-time transactions and enhanced Customer Profile methods.  

We have deprecated our SOAP API that offered support primarily for Customer Information Manager. We strongly recommend that developers move to the Authorize.net API using XML or JSON. This will allow us to continue providing developers with the most up-to-date features and to support a single, consistent platform.


Server Integration Method (SIM)

STATUS: Deprecated

Use Accept Hosted.

With the release of Accept Hosted, we have begun to deprecate and sunset our legacy SIM product. Going forward, we will correct bugs with SIM, but will not add any new functionality.

We will soon announce an end of life timeline for SIM, so we encourage you to upgrade your SIM solutions to use Accept Hosted.

Authorize.net Accept Hosted is a mobile-optimized, PCI DSS SAQ-A compliant solution for accepting payments. Accept Hosted is a replacement for SIM with many advantages, including the freedom to accept payments while reducing PCI scope and development efforts.


Direct Post Method (DPM)

STATUS: Deprecated. Sandbox and Production End of Life TBD.

Use Accept.js.

With the release of Accept.js, we have begun to deprecate and sunset our legacy DPM product. Going forward, we will correct bugs with DPM, but will not add any new functionality.

While DPM is deprecated, dates for Sandbox and Production end-of-life are to be determined. We encourage you to upgrade your DPM solutions to use Accept.js.

Accept.js is a JavaScript-based solution for sending secure payment data directly to Authorize.net. The Accept JavaScript library intercepts the payment data before it is passed to your server and instead submits it directly to Authorize.net, which replaces it with a one-time-use token, or payment nonce. This payment nonce, which is returned by the JavaScript library, can be used in the place of payment data in any Authorize.net API request.


Hosted CIM Forms

STATUS: End of Life

Upgrade to Accept Customer.


Hosted CIM forms have been replaced by our Accept Customer forms, a fully mobile-optimized, hosted solution for capturing payment information, which enables developers to leverage our Customer Profiles API while helping to maintain a SAQ-A level PCI-DSS compliance. Switching to the new Accept Customer forms is as easy as changing a single URL in your application. 

Distinguishing Hosted CIM from Accept Customer 

Both Hosted CIM and Accept Customer rely on a form token from our API, which you submit with an HTML form in the browser to a URL for the specific form you want to use. In most cases, you can switch from Hosted CIM to Accept Customer by changing the URL to which your form token is posted. Below are the URLs for Hosted CIM and for Accept Customer, to help you identify the changes you should make.

Deprecated Hosted CIM Form URLs

https://secure.authorize.net/profile/_formName_ (for Production)

https://test.authorize.net/profile/_formName_ (for Sandbox) 

Current Accept Customer URLs

https://accept.authorize.net/customer/_formName_ (for Production)

https://test.authorize.net/customer/_formName_ (for Sandbox) 


The process of obtaining the form token remains unchanged. Hosted CIM forms with URLs containing

https://secure.authorize.net/profile/ (for Production)


https://test.authorize.net/profile/ (for Sandbox)

are no longer updated and will return HTTP Error 410 after September 20, 2018. 

For more information about Customer Profiles and our Accept Customer forms, see our Customer Profiles documentation.



STATUS: End of Life

A change to the HTTP verb from GET to POST will remediate this issue. However, we recommend upgrading your application to use the Authorize.net API.

All GET requests to the sandbox and production endpoints https://secure.authorize.net/gateway/transact.dll and https://secure2.authorize.net/gateway/transact.dll endpoints will fail and will return Response Reason Code 66, "This transaction cannot be accepted for processing."



STATUS: End of Life

Use Accept Hosted

All requests to https://secure.authorize.net/gateway/transact.dll that do not include complete authentication credentials will return Response Reason Code 92, "The gateway no longer supports the requested method of integration."