AuthorizeNet_AIM - Payment processing tag for Lasso Professional 8 and the Authorize.Net AIM v3.1 payment processing gateway
This tag is an update to the AuthorizeNet_AIM payment processing tag for Lasso 8 and the Authorize.Net AIM v3.1 payment processing gateway.
This tag has one required parameter,
-AIMParams, and two optional
-AIMParams is an unnamed map of name/value pairs representing the
parameters to be passed to Authorize.Net.
-testdeveloper is a boolean that when
TRUE submits a test transaction
to Authorize.Net's "test" URL. Default is
-testrequest is a boolean that when
TRUE submits a test transaction
request to the designated URL ("test" or "secure") as set in the tag
configuration or by the
-testdeveloper keyword parameter. Default is
This tag returns a value which is either a string or a map.
- If the returned value is a string, the string is a plain text error message returned by Authorize.Net indicating that you have not properly configured the Authorize.Net Merchant Interface or this tag's settings.
- If the returned value is a map, it contains the key/value pairs of non-empty parameters in the response returned by the Authorize.Net gateway.
Support Free and Open Source Software Contributions
If you like this tag or documentation, or think I need to spend less time at the computer and take my wife out on a date night, then consider sending either a recurring donation via Gratipay for as small as 25¢ per week, or a one-time donation via PayPal.
Duke accepts donations of biscuits and cabbages. woof.
It is highly recommend to store the
AuthorizeNet_AIM tag in a location on
your web server that cannot be served, preferably outside of your web root.
You do not want your login or transaction key to be served as a plain text
- configuring the Authorize.Net website Merchant Interface,
- setting values in this tag, and
- passing values into this tag as a map of key/values.
Authorize.Net Merchant Interface
In the Authorize.Net Merchant Interface Account > Settings > API Login ID and Transaction Key, obtain your transaction key.
Edit this method by entering your transaction key, and saving the file.
Next configure the response delimiter character, under Account > Settings > Direct Response.
Use a pipe and no encapsulation characters:
|Default Field Separator||
|Field Encapsulation Character||
If you do not use the above settings, then you must change the corresponding values as defined elsewhere in this tag.
Setting values in this method or by passing in parameters
You can choose to either set configuration values in this tag below, or pass them in as values in the map of AIM parameters. Any values passed into this tag will override their corresponding values entered below.
In your page that calls
[AuthorizeNet_AIM], build a map of parameters to
send to the tag.
local('AIMParams') = map( 'x_first_name' = #first_name, 'x_last_name' = #last_name, 'x_amount' = #amount, ... and so on...);
2. Set a variable to the method
[AuthorizeNet_AIM], store the results in a variable. This
will allow you to easily code logic in your page to take appropriate action
based on the results (Response Code, etc.) from Authorize.Net.
local('aim_results') = AuthorizeNet_AIM(#AIMParams);
Optionally, use the following following parameters.
-testdeveloper=TRUE submits a test transaction to Authorize.Net's "test"
URL. Default is
-testrequest=TRUE submits a test transaction request to the designated URL
("test" or "secure") as set in the tag configuration or by the
-testdeveloper keyword parameter. Default is
-curl=TRUE submits parameters via
instead of Lasso's
include_url. It also checks for the installation of
shell, and returns an error if they are not. This
is a workaround for a bug reported to LassoSoft on March 19, 2016 and discussed on LassoTalk.
-tlsv12=TRUE uses TLS v1.2 when executing
cURL and when
FALSE, then this setting is ignored. Default is
The following sends a map of parameters to the tag, which posts the parameters to Authorize.Net's test server as a test transaction request.
local('aim_results') = AuthorizeNet_AIM( #AIMParams, -testdeveloper=TRUE, -testrequest=TRUE, -curl=TRUE, -tlsv12=TRUE);
3. Sample page logic
// evaluate results and make appropriate decisions if(#aim_results -> find('x_response_code') == '1'); // transaction approved else; // transaction failed select(#aim_results -> find('x_response_code')); case('2'); // declined case('3'); // transaction processing error case('4'); // held for review case; // undefined error /select; /if;
4. Sample message
I recommend displaying a simple error message "Your request could not be processed. Please contact us at _____ during normal business hours." Don't encourage users to try again because it will just frustrate them, or possibly cause much worse problems (multiple payments, trigger an over limit event, trigger a fraud alert with the card issuer, etc.). And in the case of actual fraud, you don't want to tip off the fraudster of why the transaction was declined.
#sample_msg -> append('Thank you, ' + #aim_results -> find('x_first_name') + '! You have personally enriched me by $' + #aim_results -> find('x_amount') + '.');
5. Custom labels
You can add merchant-defined results labels to
access them after they are echoed by Authorize.Net.
Here is a code sample that sends an authorize-only transaction to the Authorize.Net test server.
[ local('AIMParams') = map( 'x_login'='ENTER_YOUR_LOGIN', 'x_tran_key'='ENTER_YOUR_TRANSACTION_KEY', 'x_type'='auth_only', 'x_card_num'='5424000000000015', // dummy CC# 'x_exp_date'='1220', // December 2020 'x_amount'='0.01'); local('results') = authorizenet_aim(#AIMParams, -testdeveloper=true); #results; ]
See the comments embedded in the tag's code for proper configuration.
For rapid testing:
- Copy the files
AuthorizeNet_AIM.lassoto your web server.
- Configure settings in both files accordingly. The settings in the latter override the former.
- Save and load
AuthorizeNet_AIM.lassoto see the results.
Additional eCommerce Resources
The following information does not constitute an endorsement, warranty or guarantee of service. This information is provided for the sake of comparison. These are the lowest fees I have found over the years.
For further information on developing for AIM, download the AIM Guide.
In addition to this tag, the following are requirements.
- Dedicated IP for TLS (~$10/month).
- Secure certificate, starting at $10/year from NameCheap, or use Let's
Encrypt for a free secure
certificate. You can support the continued development of the
AuthorizeNet_AIM_9method using my NameCheap referral link.
- Merchant account that accepts payments over the Internet. If you need a
merchant account, you can support the continued development of the
AuthorizeNet_AIM_9method using my Capital Merchant Solutions referral link. As of May 28, 2014, the merchant account costs $8.95/month (for a statement fee), plus 2.14% of the transaction amount and 24¢ per transaction. Everything else is free.
- Payment gateway (an Authorize.Net account, for example). Some entities
already have a merchant account, so sometimes it is easier to add this
feature to their existing merchant account. I am an Authorize.Net reseller.
You can support the continued development of the
AuthorizeNet_AIM_9method by following my Authorize.Net reseller link. Effective July 1, 2016, the cost is $15/month, with a $25 account setup fee, $0.05 per transaction, and $0.07 per batch of transactions in a given day.
- A combined payment gateway and merchant account is also available from
Authorize.Net. You can support the continued development of the
AuthorizeNet_AIM_9method by following my Authorize.Net reseller link. Effective July 1, 2016, the cost is $15/month, with a $25 account setup fee, and a 2.9% plus $0.30 per transaction fee. This option may be more convenient, especially for new online merchants or for processing a small number of transactions.
I am available as a consultant for ecommerce solutions. Please visit Services for more information.