DEPRECATION NOTE: The Docebo for Authorize.net SIM Integration has reached its End of Support on October 1, 2020, and its End of Life on January 1, 2021. Authorize.net Accept Hosted is a replacement for Authorize.net SIM with notable advantages.

Introduction

The Authorize.net payment gateway is an authorized payment gateway for the E-Commerce App in your platform. The Docebo integration with Authorize.net is based on the Accept Hosted payment form (opens in a new tab). 

Please note that in order to configure your integration, you need a valid merchant account on Authorize.net.

Please Note! Some currencies supported by Docebo may not be accepted by Authorize.net, so remember to check if your currency is supported by both systems before proceeding. Check out the complete list of the currencies supported by Docebo.

Activating Authorize.net on Your Platform

Activate the Payment Method - Authorize.net Accept Hosted app as described in the Managing Apps & Features article of the Knowledge Base. The app is listed in the Third Party Integrations tab.

Configuring Authorize.net Accept Hosted in Docebo

In order to configure Authorize.net Accept Hosted, log into your platform as the Superadmin, then access the Admin Menu from the gear icon in the top right corner and select the Manage option in the Payment Method - Authorize.net Accept Hosted section.

Activate the Enable Authorize.net payment gateway toggle to enable this payment gateway in your platform. Then, use the corresponding text boxes to fill in the Login ID and the Transaction Key. These values authenticate you as an authorized merchant when submitting transaction requests.

You can test the configuration before using the real environment, by selecting the option to enable the sandbox mode. Press Save Changes when finished.

Obtaining the Login ID and the Transaction Key

The Login ID is a complex value that is at least eight characters in length, includes uppercase and lowercase letters, numbers, and/or symbols, and identifies your account to the payment gateway. It is not the same value as your login ID for logging into the Merchant Interface, as the two values perform different functions. The Login ID is used by Docebo to communicate with the payment gateway to submit transactions. It is only used for Docebo's connection to the payment gateway.

The Transaction Key is a 16-character alphanumeric value that is randomly generated in the Merchant Interface. It works in conjunction with your Login ID to authenticate you as an authorized user of the Authorize.Net Payment Gateway when submitting transactions from Docebo.

In order to obtain these values, log in to the Merchant Interface at https://account.authorize.net, select Settings under the Account area in the main menu and click on API Credentials & Keys in the Security Settings section.

If you have not already obtained a Login ID and Transaction Key for your account yet, you will need to enter the secret answer to the secret question you configured during the account activation process. Press Submit to terminate.

Please Note! The Transaction Key for your account is displayed on a confirmation page. Once you navigate away from the confirmation page, there is no other way to access the Transaction Key in the your merchant interface.

You will have to generate a new Transaction Key. It is highly recommended that you create a new Transaction Key regularly (i.e. every six months) to strengthen the security of your payment gateway account. You then need to save the new Transaction Key in the corresponding area in your platform to update the integration code. Failure to do so will result in a disruption in transaction processing.

Configuring the Relay Response URL in Authorize.net

Finally, configure the Response URL. To do so, access the Account Tab. In the Transaction Format Settings, click on Response/Receipt URLs. Set the Default Receipt URL by pressing Edit in the corresponding line and by entering the URL of your platform; this configuration is mandatory. The Default Relay Response URL is optional but we suggest you configure it if the business logic you implemented in Authorize.net allows you to do so. Remember that once you enter Default Relay Response URL, you will not be able to modify it.

For those using the 7.0 theme with a custom domain, remember to insert your custom domain URL. For those using the 6.9 theme, always use the docebosaas URL. Use the examples below for guidance (note that anything in brackets will need to be replaced with your own LMS information):

• Custom Domain:  https://[custom_domain]/ecommerce/v1/authorizedotnet/relay_response
• Standard Domain:  https://[mylms].docebosaas.com/ecommerce/v1/authorizedotnet/relay_response
• Extended Enterprise:  https://[mylms].docebosaas.com/[extendedenterprisedomainfoldername]/ecommerce/v1/authorizedotnet/relay_response

Note on the MD5 Hash End of Life

Authorize.net introduced the SHA2 encryption algorithm on January 29, 2019, and deprecated the MD5 Hash algorithm at the end of June 2019. For existing integrations, your integration continues working without any interruptions at this time, and your Signature Algorithm will be set to MD5. Existing keys will still be encrypted with MD5 Hash, but we suggest you switch to SHA2 as soon as possible. Please note that even if the Docebo interface allows you to roll back to MD5 after switching to SHA2, Authorize.net does not, and the rollback would cause a key mismatch.

Best Practices

• When selecting Authorize.net as the payment gateway for an e-commerce transaction, the sum of the characters typed in Address 1 and Address 2 fields in the Billing Information panel when finalizing the payment cannot exceed 60. Auhtorize.net does not handle addresses with more than 60 characters. 
• Remember that the Invoice field of Authorize.net is populated with a unique Docebo internal invoice number for every transaction performed in Docebo Learn to prevent the creation of duplicated transactions