Upgrade Guide

The items on this page represent API Implementations that are supported but no longer actively maintained or enhanced. For newer alternatives, please see below.

Using our current API guarantees that you will always have:

  • The latest features

  • Continual updates and improvements

  • The most active community of fellow developers

For questions about migrating an existing solution, please contact our developer support team.


Understanding the Authorize.Net API

If you previously integrated with the Authorize.Net platform, you may be used to seeing each of our features documented as separate and distinct APIs. Within our newer documentation, you’ll find that all of our features are a part of a larger cohesive API set.


API Support Status


API Method Status Comments
AIM Supported Recommend using Authorize.Net API
SOAP API Deprecated Use Authorize.Net API with XML or JSON
SIM Deprecated Use Accept Hosted
DPM Deprecated Use Accept.js
Hosted CIM


Sanbox Disabled 3/30

End of Life 5/31/2018

Use Accept Customer
HTTP GET End of Life Recommend using Authorize.Net API
WebLink End of Life Recommend using Accept Hosted


Supported - API is fully supported and maintained including updates and enhancements

Deprecated - API is now obsolete and in the process of being phased out.  See comment field for suggested replacement.

End of Life - API is no longer supported and will return an error if used after specified date.




STATUS: Deprecated 

Authorize.Net API includes all of the SOAP API functionality plus additional features such as Authorize.Net Accept, creating one-time transactions and enhanced Customer Profile methods.  

We have deprecated our SOAP API that offered support primarily for Customer Information Manager. We strongly recommend that developers move to the Authorize.Net API using XML or JSON. This will allow us to continue providing developers with the most up-to-date features and to support a single, consistent platform.


Advanced Integration Method (AIM)

STATUS: Supported but no longer updated

Use the methods described in Payment Transactions in the the API Reference using XML or JSON.

All of the transaction methods previously available through AIM are possible using the methods described in Payment Transactions in the the API Reference using XML or JSON. If you are using transaction methods documented as part of what we previously called our "AIM XML" API, these transaction methods have been incorporated into our current broader Authorize.Net API. These transaction requests can continue to be used as is.

If you are using our legacy AIM Name Value Pair (NVP) method, you're posting your transaction requests to a URL ending in "transact.dll", and the form field names begin with "x_". These types of transaction requests can be brought current by recreating them using the methods described in Payment Transactions in the the API Reference using XML or JSON.

If you are using our legacy AIM Name Value Pair (NVP) method and need to troubleshoot existing code, you may find it helpful to refer to the existing AIM NVP documentation:

AIM NVP Guide (PDF)PayPal AIM NVP Guide (PDF)   


Payment Form (SIM and DPM)

STATUS: Deprecated

Use Accept Hosted or Accept.js.

With the release of both Accept Hosted and Accept.js, we are beginning the process to deprecate and sunset our legacy SIM and DPM integration methods. Going forward, we will correct bugs with SIM/DPM, but will not add any new functionality.

We will soon announce an official end of life timeline for SIM and DPM, so we encourage you to upgrade any existing SIM/DPM solutions to use Accepted Hosted or Accept.js.

Authorize.Net Accept Hosted is a mobile-optimized, PCI DSS SAQ-A compliant solution for accepting payments. Accept Hosted is a replacement for SIM with many advantages, including the freedom to accept payments while reducing PCI scope and development efforts.


Hosted CIM Forms

STATUS: Deprecated. Disabled in Sandbox March 30, 2018.  Production End of Life 5/31/2018.

Upgrade to Accept Customer.


Hosted CIM forms have been replaced by our Accept Customer forms, a fully mobile-optimized, hosted solution for capturing payment information, which enables developers to leverage our Customer Profiles API while helping to maintain a SAQ-A level PCI-DSS compliance. Switching to the new Accept Customer forms is as easy as changing a single URL in your application. 

“How do I know if I’m using your older forms?” 

Whether you’re using the older Hosted CIM forms or our newer Accept Customer forms, you’re obtaining a form token from our API, and then using an HTML form in the browser to submit that form token to a URL for the specific form you want to use. Looking at this URL, you can tell whether you’re using the old hosted CIM forms or the new Accept Customer forms. In most cases, all you will need to do to use the Accept Customer forms instead is to change the address to which your form token is posted from the old CIM form addresses to the new Accept Customer addresses. 

Old CIM Form Addresses

https://secure.authorize.net/profile/_formName_ (for production)

https://test.authorize.net/profile/_formName_ (for sandbox/testing) 

New Accept Customer Addresses

https://accept.authorize.net/customer/_formName_ (for production)

https://test.authorize.net/customer/_formName_ (for sandbox/testing) 


The process of obtaining the token used to load these forms remains unchanged. Hosted CIM forms with addresses containing

https://secure.authorize.net/profile/ (for production)


https://test.authorize.net/profile/ (for sandbox/testing)

are no longer being updated and will return HTTP Error 410 after March 30, 2018. 

For more information about Customer Profiles and our Accept Customer forms, see our Customer Profiles documentation.




STATUS: End of Life

A change to the HTTP verb from GET to POST will remediate this issue, however, we recommend upgrading your application to use the Authorize.Net API

All GET requests to the sandbox and production endpoints https://secure.authorize.net/gateway/transact.dll and https://secure2.authorize.net/gateway/transact.dll endpoints will fail and will return a reason response code 66, "This transaction cannot be accepted for processing."



STATUS: End of Life

For  a simple, secure payment form, which will work great on any device, we recommend
Authorize.Net Accept Hosted

All requests to https://secure.authorize.net/gateway/transact.dll that do not include complete authentication credentials will return an error response code of 92 (The gateway no longer supports the requested method of integration)