10.0.0 - 10.0.20
541 201 9965 Email Website

Home > Setup & Configuration > Payment Gateways > Authorize.net


Obtaining your API Login and Transaction Key

  1. Login to your Authorize.Net account.

  2. Navigate to Account - Settings - Security Settings - API Credentials & Keys.


  3. Obtain your API Login ID and generate a Transaction Key if you have not already been provided one from Authorize.Net.


Enabling the Authorize.Net Gateway

  1. In the AspDotNetStorefront admin console, go to Configuration > Site Setup Wizard.

  2. In the Payment Gateway section, click the configure link next to the Authorize.Net entry.

  3. Enter the values you obtained from Authorize.Net for the Login and Transaction Key.


  4. Click Save and Close.

  5. Finally, click the radio button next to Authorize.Net and then click the Save button.

Enabling the Authorize.Net Gateway with Accept.js

With AspDotNetStorefront 10.0.12+, you can now use Accept.js for your Authorize.Net gateway. Accept.js is a JavaScript-based solution for sending secure payment data directly to Authorize.Net. The Accept JavaScript library intercepts the payment data before it is passed to your server and instead submits it directly to Authorize.Net, which replaces it with a one-time-use token. This allows you to achieve the PCI DSS SAQ-A level when hosted by a PCI certified Service Provider (such as Vortx).


eChecks (ACH) can also now be enabled through the Accept.js , simply select the option "E-Checks through supported gateway" in the Configuration - Site Setup Wizard - Credit Cards & Other Payment Methods section.

Generating and Using the Public Client Key
You must first generate a merchant identifier (Client Key) that is entered in your Site Setup Wizard > Accept.js configuration, along with your existing API Login key and Transaction Key.

To generate the Client Key, you must first log into your Authorize.Net account in the Merchant Interface and navigate to:

Account (tab) > Settings (left menu option) > Security Settings (sub-area) > General Security Settings (sub-sub-area) > Manage Public Client Key (link)

If the Public Client Key is present, then it has already been generated and you can access it to copy into your Client Key field for the Accept.js configuration in your admin Site Setup Wizard. If the Client Key does not yet exist, you will be prompted to answer your security question before generating the key.


NOTE: The Accept.js configuration has separate fields for Test and Live account credential keys.

  1. In the AspDotNetStorefront admin console, go to Configuration > Site Setup Wizard.
  2. In the Payment Gateway section, click the configure link next to the Accept.js entry.
  3. Copy your API Login Key and Transaction Key from your Authorize.NET configuration into the appropriate fields for the Accept.js configuration.
  4. Copy your Public Client Key from your Authorize.NET account into your appropriate Client Key fields for the Accept.js configuration.

  1. Click Save and Close.

  2. Finally, click the radio button next to Accept.js and then click the Save button.

Authorize.Net Wallet

NOTE: The CIM Wallet is only available with the Authorize.NET gateway (not available with Accept.js ) 

The AspDotNetStorefront software is also integrated with Authorize.Net's Customer Information Manager (CIM) service. This allows customers to store their credit card information in the Authorize.net 'Wallet', which is stored on Authorize.Net's servers. Customers can access this stored credit card information to check out without having to re-enter their payment information each time. This will work even if your store is not storing credit card information.

Enabling the Wallet

To enable the Wallet, simply follow the steps above to enable Authorize.Net, and on step 3 set CIM Enabled to Yes.

Adding saved credit cards

Customers can add saved credit cards 2 ways:

  1. On the account page

  2. During checkout, any new credit card entered will be saved if the Save to your wallet? box is checked. Note that when using the Authorize.Net gateway with CIM enabled, this will not store the credit card information locally unless your StoreCCInDB Setting is also enabled.

Using the Wallet

To use a saved credit card from the Wallet, customers simply choose the 'Stored Payment Methods' option during checkout, and choose the card they want to use.

The 'Stored Payment Methods' text can be changed by editing the 'checkoutpayment.aspx.36' prompt.


  • Authorize.Net CIM requires a unique customer ID per gateway account for each customer that it is saving data for. Those IDs come from your storefront. This means that if you are testing this functionality on multiple sites with different databases, you must use a different customer for testing on each site.
  • CIM will only work on an Authorize.Net account that is set to live mode. You can enable CIM testing by setting the AUTHORIZENET_Cim_UseSandbox Setting to true, but the main account must be live. You can do this in your Authorize.Net Account - Settings - Security Settings - General Security Settings - Test Mode.
  • Issue: Orders Listed In Failed Transactions On The Admin Site, But Show As Authorized On The Gateway Site When Using Authorize.Net

    When using Authorize.Net as the gateway, some orders are placed in the failed transaction log but show as authorized or captured on the Authorize.Net website or in your transaction reports.

    This is caused by Authorize.Net’s Advanced Fraud Detection Suite marking the order for review.  AspDotNetStorefront is not compatible with their Advanced Fraud Detection Suite, and therefore a transaction that is received that does not contain a response code of 1 (approved) will be marked as a failed transaction and the order will not be completed.  An order that is marked for review by Authorize.Net returns a response code of 4, which is seen as a failure.

    To avoid potential duplicate charges or authorizations, AspDotNetStorefront recommends disabling the Advanced Fraud Detection Suite on your Authorize.Net account.  Our recommendations for eliminating fraud include implementing the MaxMind anti-fraud service and manually reviewing each transaction before capturing payment or shipping product to the customer.  AspDotNetStorefront can also be configured to fail transactions that reach certain fraud risk threshold based on the MaxMind score.  By using MaxMind, you receive the benefits of fraud protection while having full integration with AspDotNetStorefront’s admin site.

Print This Article
Email This Article
Previous Article
Next Article

Was this page helpful?YesNo