C, C++
.NET version 1.1 and version 2.0
Java
PHP

Must access
Cybersource
services that can only be accessed with APIs.
Have high volumes of transactions that warrant high levels of automation.
Must control and customize their customers’ buying experience.
Have an order page that is secured with Secure Sockets Layer (SSL).
Can provide skilled software programmers to implement
Cybersource
services with the API.

Name-value pairs, which are simpler to use than XML
XML, which requires you to create and parse XML documents

Name-value pairs: See
authCaptureSample.c
in <installation directory>
/samples/nvp
.
XML: We suggest that you examine the name-value pair sample code listed above before implementing your code to process XML requests.

#include "cybersource.h"
// Load the configuration settings
const char CYBS_CONFIG_INI_FILE[] = "../cybs.ini";
pConfig = cybs_load_config( CYBS_CONFIG_INI_FILE );
// Set up the request by creating an empty CybsMap and add fields to it
pRequest = cybs_create_map();
// We want to do credit card authorization in this example
cybs_add( pRequest, "ccAuthService_run", "true" );
// Add required fields
cybs_add( pRequest, "merchantID", "infodev" );
cybs_add( pRequest, "merchantReferenceCode", "MRC-14344" );
cybs_add( pRequest, "billTo_firstName", "Jane" );
cybs_add( pRequest, "billTo_lastName", "Smith" );
cybs_add( pRequest, "billTo_street1", "Charleston" );
cybs_add( pRequest, "billTo_city", "Mountain View" );
cybs_add( pRequest, "billTo_state", "CA" );
cybs_add( pRequest, "billTo_postalCode", "94043" );
cybs_add( pRequest, "billTo_country", "US" );
cybs_add( pRequest, "billTo_email", "jsmith@example.com" );
cybs_add( pRequest, "card_accountNumber", "4111111111111111" );
cybs_add( pRequest, "card_expirationMonth", "12" );
cybs_add( pRequest, "card_expirationYear", "2010" );
cybs_add( pRequest, "purchaseTotals_currency", "USD" );
// This example has two items
cybs_add( pRequest, "item_0_unitPrice", "12.34" );
cybs_add( pRequest, "item_1_unitPrice", "56.78" );
// Add optional fields here according to your business needs
// Send request
Create the reply structure and send the request
pReply = cybs_create_map();
status = cybs_run_transaction(pConfig, pRequest, pReply);
// Handle the reply. See Handling the Return Status.

Linux kernel 2.2, LibC6 on an Intel processor
GNU GCC compiler (with C++ enabled)

Windows XP, 2000, or newer
Microsoft Visual Studio 6.0

_error_info
: Information about the error that occurred
_raw_reply
: The server’s raw reply
_fault_document
: The entire, unparsed fault document
_fault_code
: The fault code, which indicates where the fault originated
_fault_string
: The fault string, which describes the fault.
_fault_request_id
: The request ID for the request.

Collects information for the
Cybersource
services that you will use
Assembles the order information into requests
Sends the requests to the
Cybersource
server
Processes the reply information
The
Cybersource
servers do not support persistent HTTP connections.

const char CYBS_CONFIG_INI_FILE[] = "../cybs.ini";
pConfig = cybs_load_config( CYBS_CONFIG_INI_FILE );

pRequest = cybs_create_map();
pReply = cybs_create_map();

cybs_add( pRequest, "ccAuthService_run",   "true" );
cybs_add( pRequest, "ccCaptureService_run",   "true" );

cybs_add( pRequest, "merchantReferenceCode",   "3009AF229L7W" );
cybs_add( pRequest, "billTo_firstName",   "Jane" );
cybs_add( pRequest, "billTo_lastName",   "Smith" );
cybs_add( pRequest, "card_accountNumber",   "4111111111111111" );
cybs_add( pRequest, "item_0_unitPrice",   "29.95" );

if( status == CYBS_S_OK ) {
  // Read the value of the "decision" in pReply.
  decision = cybs_get( pReply, "decision" );
  // If decision=ACCEPT, indicate to the customer that the request was successful.
  // If decision=REJECT, indicate to the customer that the order was not approved.
  // If decision=ERROR, indicate to the customer that an error occurred and to try
  // again later.
  // Now get reason code results:
  reason = cybs_get( pReply, "reasonCode" );
  // See Processing the Reason Codes for how to process the 
  // reasonCode from the reply.
} else {
  handleError( status, pRequest, pReply );
}
//---------------------
void handleError( CybsStatus stat, CybsMap* preq, CybsMap* prpl )
//---------------------
{
  // handleError shows how to handle the different errors that can occur.
  const char* pstr;
  pstr = cybs_get( prpl, CYBS_SK_ERROR_INFO );
  switch( stat ) {
    // An error occurred before the request could be sent. 
    case CYBS_S_PRE_SEND_ERROR :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
      // Notify appropriate internal resources of the error.
    break;
    // An error occurred while sending the request.
    case CYBS_S_SEND_ERROR :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
    break;
    // An error occurred while waiting for or retrieving the reply.
    case CYBS_S_RECEIVE_ERROR :
      // Critial error.
      // Tell customer the order could not be completed and to try again later.
      // Notify appropriate internal resources of the error.
      // See the sample code for more information about handling critical errors.
    break;
    // An error occurred after receiving and during processing of the reply.
    case CYBS_S_POST_RECEIVE_ERROR :
      // Critical error.
      // Tell customer the order could not be completed and to try again later.
      // Look at _raw_reply in pReply for the raw reply.
      // Notify appropriate internal resources of the error.
      // See the sample code for more information about handling critical errors.
    break;
    // CriticalServerError fault
    case CYBS_S_CRITICAL_SERVER_FAULT :
      // Critial error.
      // Tell customer the order could not be completed and to try again later.
      // Read the various fault details from the pReply.
      // Notify appropriate internal resources of the fault.
      // See the sample code for more information about reading fault details and
      // handling a critical error.
    break;
    // ServerError fault
    case CYBS_S_SERVER_FAULT :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
      // Read the various fault details from the pReply.
      // See the sample code for information about reading fault details.
    break;
    // Other fault
    case CYBS_S_OTHER_FAULT :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
      // Read the various fault details from pReply.
      // Notify appropriate internal resources of the fault.
      // See the sample code for information about reading fault details.
    break;
    // HTTP error
    case CYBS_S_HTTP_ERROR :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
      // Look at _raw_reply in pReply for the raw reply.
      break;
    default :
 // Unknown error
  }
}

decision
: A one-word description of the results of your request. The decision is one of the following:
ACCEPT
if the request succeeded
REJECT
if one or more of the services in the request was declined
REVIEW
if you are using
Decision Manager
and it flags the order for review. See Handling
Decision Manager
Reviews, for more information.
ERROR
if there was a system error. See Retrying When System Errors Occur, for more information.
reasonCode
: A numeric code that provides more specific information about the results of your request.

// Example of how to handle reason codes
  // Success
  if( reason == "100" ) {
    printf(
      "Request ID: %s\nAuthorizedAmount: %s\nAuthorization Code: %s\n",
      cybs_get(pReply, "requestID"),
      cybs_get(pReply, "ccAuthReply_amount"),
      cybs_get(pReply, "ccAuthReply_authorizationCode") );
  }
  // Insufficient funds
  else if (reason == "204") {
    printf(
    "Insufficient funds in account. Please use a different
     card or select another form of payment." ) ;
  }
    // add other reason codes here that you must handle specifically
  else {
    // For all other reason codes, return NULL, in which case, you should display
    // a generic message appropriate to the decision value you received.
  }

If you authorize and capture the credit card payment at the same time, treat the
REVIEW
response like a
REJECT
response. Rejecting any orders that are marked for review may be appropriate if your product is a software download or access to a Web site. If supported by your processor, you may also want to reverse the authorization.
If you approve the order after reviewing it, convert the order status to
ACCEPT
in your order management system. You can request the credit card capture without requesting a new authorization.
If you approve the order after reviewing it but cannot convert the order status to
ACCEPT
in your system, request a new authorization for the order. When processing this new authorization, you must disable
Decision Manager
. Otherwise the order will be marked for review again. For details about the API field that disables
Decision Manager
, see the
Decision Manager
User Guide
.

cybs_add( pRequest, "businessRules_ignoreAVSResult", "true" );

Search for the transaction in the
Business Center
, look at the description of the error on the Transaction Detail page, and call your processor to determine if and why they are rejecting the transaction.
Contact
Cybersource
Customer Support to confirm whether your error is truly caused by a
Cybersource
system issue.

Collects information for the
Cybersource
services that you will use
Assembles the order information into requests
Sends the requests to the
Cybersource
server
The
Cybersource
servers do not support persistent HTTP connections.
Processes the reply information

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.18">
</requestMessage>

<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.18">
  <merchantID>infodev</merchantID>
</requestMessage>

<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.18">
  <merchantID>infodev</merchantID>
  <ccAuthService run="true"/>
</requestMessage>

<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.18">
  <merchantID>infodev</merchantID>
  <ccAuthService run="true"/>
  <ccCaptureService run="true"/>
</requestMessage>

<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.18">
  <merchantID>infodev</merchantID>
  <billTo>
    <firstName>Jane</firstName>
    <lastName>Smith</lastName>
  </billTo>
  <item id="0">
    <unitPrice>29.95</unitPrice>
  </item>
  <card>
    <accountNumber>4111111111111111</accountNumber>
  </card>
  <ccAuthService run="true"/>
</requestMessage>

const char CYBS_CONFIG_INI_FILE[] = "../cybs.ini";
pConfig = cybs_load_config( CYBS_CONFIG_INI_FILE );

pRequest = cybs_create_map();
pReply = cybs_create_map();

const char CYBS_XML_INPUT_FILE[] = "./myXMLDocument.xml";
// Read the XML document and store in a variable called szXML.
// See the authSample.c sample code for instructions on reading the
// XML document.
// Add the XML document to the request.
cybs_add( pRequest, CYBS_SK_XML_DOCUMENT, szXML );

if( status == CYBS_S_OK ) {
  // Read the value of the "decision" in pReply.
  decision = cybs_get( pReply, "decision" );
  // If decision=ACCEPT, indicate to the customer that the request was successful.
  // If decision=REJECT, indicate to the customer that the order was not approved.
  // If decision=ERROR, indicate to the customer that there was an error and to try
  // again later.
  // Now get reason code results:
  reason = cybs_get( pReply, "reasonCode" );
  // See "Processing the Reason Codes," page 31 for how to process the
  // reasonCode from the reply.
} else {
  handleError( status, pRequest, pReply );
}
//---------------------
void handleError( CybsStatus stat, CybsMap* preq, CybsMap* prpl )
//---------------------
{
  // handleError shows how to handle the different errors that can occur.
  const char* pstr;
  pstr = cybs_get( prpl, CYBS_SK_ERROR_INFO );
  switch( stat ) {
    // An error occurred before the request could be sent. 
    case CYBS_S_PRE_SEND_ERROR :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
      // Notify appropriate internal resources of the error.
    break;
    // An error occurred while sending the request.
    case CYBS_S_SEND_ERROR :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
    break;
    // An error occurred while waiting for or retrieving the reply.
    case CYBS_S_RECEIVE_ERROR :
      // Critial error.
      // Tell customer the order could not be completed and to try again later.
      // Notify appropriate internal resources of the error.
      // See the sample code for more information about handling critical errors.
    break;
    // An error occurred after receiving and during processing of the reply.
    case CYBS_S_POST_RECEIVE_ERROR :
      // Critical error.
      // Tell customer the order could not be completed and to try again later.
      // Look at _raw_reply in pReply for the raw reply.
      // Notify appropriate internal resources of the error.
      // See the sample code for more information about handling critical errors.
    break;
    // CriticalServerError fault
    case CYBS_S_CRITICAL_SERVER_FAULT :
      // Critial error.
      // Tell customer the order could not be completed and to try again later.
      // Read the various fault details from the pReply.
      // Notify appropriate internal resources of the fault.
    // ServerError fault
    case CYBS_S_SERVER_FAULT :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
      // Read the various fault details from pReply.
      // See the sample code for information about reading fault details.
   break;
    // Other fault
    case CYBS_S_OTHER_FAULT :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
      // Read the various fault details from pReply.
      // Notify appropriate internal resources of the fault.
      // See the sample code for information about reading fault details.
    break;
    // HTTP error
    case CYBS_S_HTTP_ERROR :
      // Non-critical error.
      // Tell customer the order could not be completed and to try again later.
      // Look at _raw_reply in pReply for the raw reply.
      break;
    default :
 // Unknown error
  }
}

decision
: A one-word description of the results of your request. The decision is one of the following:
ACCEPT
if the request succeeded
REJECT
if one or more of the services in the request was declined
REVIEW
if you use
Decision Manager
and it flags the order for review. See Handling
Decision Manager
Reviews, for more information.
ERROR
if there was a system error. See Retrying When System Errors Occur, for more information.
reasonCode
: A numeric code that provides more specific information about the results of your request.

// Example of how to handle reason codes
  // Success
  if( reason == "100" ) {
    printf(
      "Request ID: %s\nAuthorizedAmount: %s\nAuthorization Code: %s\n",
      cybs_get(pReply, "requestID"),
      cybs_get(pReply, "ccAuthReply_amount"),
      cybs_get(pReply, "ccAuthReply_authorizationCode") );
  }
  // Insufficient funds
  else if (reason == "204") {
    printf(
    "Insufficient funds in account. Please use a different
     card or select another form of payment." ) ;
  }
    // add other reason codes here that you must handle specifically
  else {
    // For all other reason codes, return NULL, in which case, you should display a
     // generic message appropriate to the decision value you received.
  }

If you authorize and capture the credit card payment at the same time, treat the
REVIEW
response like a
REJECT
response. Rejecting any orders that are marked for review may be appropriate if your product is a software download or access to a Web site. If supported by your processor, you may also want to reverse the authorization.
If you approve the order after reviewing it, convert the order status to
ACCEPT
in your order management system. You can request the credit card capture without requesting a new authorization.
If you approve the order after reviewing it but cannot convert the order status to
ACCEPT
in your system, request a new authorization for the order. When processing this new authorization, you must disable
Decision Manager
. Otherwise the order will be marked for review again. For details about the API field that disables
Decision Manager
, see the
Decision Manager
User Guide
.

<businessRules>
    <ignoreAVSResult>true</ignoreAVSResult>
</businessRules>

Search for the transaction in the
Business Center
, look at the description of the error on the Transaction Detail page, and call your processor to determine if and why they are rejecting the transaction.
Contact
Cybersource
Customer Support to confirm whether your error is truly caused by a
Cybersource
system issue.

Test server URLs:
Internet endpoint:
https://ics2wstest.ic3.com/commerce/1.x/transactionProcessor
Akamai endpoint:
https://ics2wstesta.ic3.com/commerce/1.x/transactionProcessor
Production server URLs:
Internet endpoint: https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
Akamai endpoint: https://ics2wsa.ic3.com/commerce/1.x/transactionProcessor
India endpoint:
https://ics2ws.in.ic3.com/commerce/1.x/transactionProcessor
Namespace URI:
urn:schemas-cybersource-com:transaction-data-1.18
.

Name-value pairs, which are simpler to use than XML
XML, which requires you to create and parse XML documents
SOAP (Simple Object Access Protocol) 1.1, which provides an object-oriented interface

using CyberSource.Soap;
using CyberSource.Soap.CyberSourceWS;
using System;
using System.Configuration;
using System.Net;
using System.Web.Services.Protocols;
namespace Sample {
  class Sample {
    static void Main(string[] args) {
      RequestMessage request = new RequestMessage();
      request.merchantID = "infodev";
      // we want to do Credit Card Authorization in this sample
      request.ccAuthService = new CCAuthService();
      request.ccAuthService.run = "true";
      // add required fields
      request.merchantReferenceCode = "148705832705344";
      BillTo billTo = new BillTo();
      billTo.firstName = "Jane";
      billTo.lastName = "Smith";
      billTo.street1 = "1295 Charleston Road";
      billTo.city = "Mountain View";
      billTo.state = "CA";
      billTo.postalCode = "94043";
      billTo.country = "US";
      billTo.email = "jsmith@example.com";
      request.billTo = billTo;
      Card card = new Card();
      card.accountNumber = "4111111111111111";
      card.expirationMonth = "12";
      card.expirationYear = "2010";
      request.card = card;
      PurchaseTotals purchaseTotals = new PurchaseTotals();
      purchaseTotals.currency = "USD";
      request.purchaseTotals = purchaseTotals;
      // there is one item in this sample
      request.item = new Item[1];
      Item item = new Item();
      item.id = "0";
      item.unitPrice = "29.95";
      request.item[0] = item;
      // See "Interpreting the Reply," for details about
      // processing the reply for a SOAP transaction.
      try {
        ReplyMessage reply = Client.RunTransaction( request );
      } catch (CryptographicException ce) {
        Console.WriteLine( ce.ToString() );
      } catch (MessageSecurityException mse) {
        Console.WriteLine( mse.ToString() );
      } catch (WebException we) {
        Console.WriteLine( we.ToString() );
      } catch (Exception e) {
        Console.WriteLine( e.ToString() );
      }
    }
  }
}

Microsoft Windows 2000 or later
.NET Framework 4.0 or later
Microsoft Visual Studio 2010
Failure to configure your client API host to a unique, public IP address will cause inconsistent transaction results.

CybsWSSecurity.dll (unregister)
CybsWSSecurityIOP.dll
CyberSource.WSSecurity.dll
domsupport_1_4_0.dll
Msvcp60.dll
platformsupport_1_4_0.dll
spapache.dll
xalandom_1_4_0.dll
xalansourcetree_1_4_0.dll
xerces-c_2_1_0.dll
xercesparserliaison_1_4_0.dll
xmlsupport_1_4_0.dll
xpath_1_4_0.dll

Using Name-Value Pairs.
Using XML.
Using SOAP.

<add key="cybs.NewMerchant.sendToProduction" value="false"/>
<add key="cybs.sendToProduction" value="true"/>

Collects information for the
Cybersource
services that you will use
Assembles the order information into requests
Sends the requests to the
Cybersource
server
Processes the reply information
The
Cybersource
servers do not support persistent HTTP connections.

using CyberSource.Clients;
using System;
using System.Collections;
using System.Net;
using System.Security.Cryptography;
using System.ServiceModel;
using System.ServiceMode1.Security;

Hashtable request = new Hashtable();

request.Add( "merchantID", "infodev" );

request.Add( "ccAuthService_run", "true" );

request.Add( "ccAuthService_run", "true" );
request.Add( "ccCaptureService_run", "true" );

request.Add( "billTo_firstName", "Jane" );
request.Add( "billTo_lastName", "Smith" );
request.Add( "card_accountNumber", "4111111111111111" );
request.Add( "item_0_unitPrice", "29.95" );

try {
  Hashtable reply = NVPClient.RunTransaction( request );
  SaveOrderState();
  // Using the Decision and Reason Code describes the ProcessReply
  // method.
  ProcessReply( reply );
} catch (CryptographicException ce) {
  SaveOrderState();
  Console.WriteLine( ce.ToString() );
} catch (WebException we) {
  SaveOrderState();
  /*
   * Some types of WebException indicate that the transaction may have been
   * completed by CyberSource. The sample code shows how to identify these
   * exceptions. If you receive such an exception, and your request included a
   * payment service, you should use the Cybersource transaction search screens to
   * determine whether the transaction was processed.
   */
  Console.WriteLine( we.ToString() );
}private static void SaveOrderState() {
  /*
   * This is where you store the order state in your system for post-transaction
   * analysis. Be sure to store the consumer information, the values of the reply
   * fields, and the details of any exceptions that occurred.
   */
}

decision
: A one-word description of the results of your request. The decision is one of the following:
ACCEPT
if the request succeeded
REJECT
if one or more of the services in the request was declined
REVIEW
if you use
Decision Manager
and it flags the order for review. See For Cybersource Advanced Merchants: Handling Decision Manager Reviews for more information.
ERROR
if there was a system error. See Retrying When System Errors Occur, for important information about handling retries in the case of system errors.
reasonCode
: A numeric code that provides more specific information about the results of your request.

private static bool ProcessReply( Hashtable reply ) {
  string template = GetTemplate( 
    ((string)reply["decision"]).ToUpper() );
  string content  = GetContent( reply );
  // This example writes the message to the console. Choose an appropriate display
  // method for your own application.
  Console.WriteLine( template, content );
}
private static string GetTemplate( string decision ) {
  // Retrieves the text that corresponds to the decision.
  if ("ACCEPT".Equals( decision )) {
    return( "The order succeeded.{0}" );
  }
  if ("REJECT".Equals( decision )) {
    return( "Your order was not approved.{0}" );
  }
  // ERROR, or an unknown decision
  return( "Your order could not be completed at this time.{0}" +
          "\nPlease try again later." );
}
private static string GetContent( Hashtable reply ) {
  /*
   * Uses the reason code to retrieve more details to add to the template.
   *
   * The messages returned in this example are meant to demonstrate how to
   * retrieve the reply fields. Your application should display user-friendly
   * messages.
   */
  int reasonCode = int.Parse( (string) reply["reasonCode"] );
  switch (reasonCode) {
    // Success
    case 100:
      return( "\nRequest ID: " + reply["requestID"] );
    // Missing field or fields
    case 101:
      return( "\nThe following required fields are missing: " +
              EnumerateValues( reply, "missingField" ) );
    // Invalid field or fields
    case 102:
      return( "\nThe following fields are invalid: " +
              EnumerateValues( reply, "invalidField" ) );
    // Insufficient funds
    case 204:
      return( "\nInsufficient funds in the account. Please use a " +
              "different card or select another form of payment." );
    // Add additional reason codes here that you must handle more specifically.
    default:
      // For all other reason codes, such as unrecognized reason codes, or codes
      // that do not require special handling, return an empty string.
      return( String.Empty );
  }
}
private static string EnumerateValues( Hashtable reply,
                                       string fieldName ) {
  System.Text.StringBuilder sb = new System.Text.StringBuilder();
  string val = "";
  for (int i = 0; val != null; ++i) {
    val = (string) reply[fieldName + "_" + i];
    if (val != null) {
      sb.Append( val + "\n" );
    }
  }
  return( sb.ToString() );
}

If you authorize and capture the credit card payment at the same time, treat the
REVIEW
response like a
REJECT
response. Rejecting any orders that are marked for review may be appropriate if your product is a software download or access to a Web site. If supported by your processor, you may also want to reverse the authorization.
If you approve the order after reviewing it, convert the order status to
ACCEPT
in your order management system. You can request the credit card capture without requesting a new authorization.
If you approve the order after reviewing it but cannot convert the order status to
ACCEPT
in your system, request a new authorization for the order. When processing this new authorization, you must disable
Decision Manager
. Otherwise the order will be marked for review again. For details about the API field that disables
Decision Manager
, see the
Decision Manager
User Guide
.

request.put( "businessRules_ignoreAVSResult", "true" );

Search for the transaction in the
Business Center
(depending on which one you normally use), look at the description of the error on the Transaction Detail page, and call your processor to determine if and why they are rejecting the transaction.
Contact
Cybersource
Customer Support to confirm whether your error is truly caused by a
Cybersource
system issue.

The directory that contains your security key
The location of the
Cybersource
server

Collects information for the Cybersource services that you will use
Assembles the order information into requests
Sends the requests to the Cybersource server
Processes the reply information
The Cybersource servers do not support persistent HTTP connections.

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.17">
</requestMessage>

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.17">
  <merchantID>infodev</merchantID>
</requestMessage>

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.15">
  <merchantID>infodev</merchantID>
  <ccAuthService run="true"/>
</requestMessage>

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.17">
  <merchantID>infodev</merchantID>
  <ccAuthService run="true"/>
  <ccCaptureService run="true"/>
</requestMessage>

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.15">
  <merchantID>infodev</merchantID>
  <billTo>
    <firstName>Jane</firstName>
    <lastName>Smith</lastName>
  </billTo>
  <item id="0">
  </card>
    <unitPrice>29.95</unitPrice>
  </item>
  <card>
    <accountNumber>4111111111111111</accountNumber>
  <ccAuthService run="true"/>
</requestMessage>

using CyberSource.Clients;
using System;
using System.Net;
using System.Xml;
using System.Security.Cryptography

try {
  XmlDocument request = new XmlDocument();
  request.Load( "MyXmlDocument.xml" );
  XmlDocument reply = XmlClient.RunTransaction( request );
  SaveOrderState();
  // "Using the Using the Decision and Reason Code Fields describes the ProcessReply
  // method.
  ProcessReply( reply );
} catch (CryptographicException ce) {
  SaveOrderState();
  Console.WriteLine( ce.ToString() );
} catch (FaultException fe) {
  SaveOrderState();
  /*
   * Some types of FaultException indicate that the transaction may have been
   * completed by CyberSource. The sample code shows how to identify these
   * exceptions. If you receive such an exception, and your request included a
   * payment service, you should use the Cybersource transaction search screens to
   * determine whether the transaction was processed.
   */
  Console.WriteLine( fe.ToString() );
} catch (WebException we) {
  SaveOrderState();
  /*
   * Some types of WebException indicate that the transaction may have been completed
   * by CyberSource. The sample code shows how to identify these exceptions. If you
   * receive such an exception, and your request included a payment service, you
   * should use the Cybersource transaction search screens to determine whether the
   * transaction was processed.
   */
  Console.WriteLine( we.ToString() );
}
private static void SaveOrderState() {
  /*
   * This is where you store the order state in your system for post-transaction
   * analysis. Be sure to store the consumer information, the values of the reply
   * fields, and the details of any exceptions that occurred.
   */
}

decision
: A one-word description of the results of your request. The decision is one of the following:
ACCEPT
if the request succeeded
REJECT
if one or more of the services in the request was declined
REVIEW
if you use
Decision Manager
and it flags the order for review. See For Cybersource Advanced Merchants: Handling Decision Manager Reviews for more information.
ERROR
if there was a system error. See Retrying When System Errors Occur, for important information about handling retries in the case of system errors.
reasonCode
: A numeric code that provides more specific information about the results of your request.

private static bool ProcessReply( XmlDocument reply ) {
  // The following code allows you to use XPath with the Cybersource schema, which
  // uses a non-empty default namespace.
  XmlNamespaceManager nsmgr
    = new XmlNamespaceManager( reply.NameTable );
  nsmgr.AddNamespace( "cybs", Client.CYBS_NAMESPACE );
  XmlNode replyMessage
    = reply.SelectSingleNode( "cybs:replyMessage", nsmgr);
  string decision = replyMessage.SelectSingleNode( 
    "cybs:decision/text()", nsmgr ).Value;
  string template = GetTemplate( decision.ToUpper() );
  string content  = GetContent( replyMessage, nsmgr );
  // This example writes the message to the console. Choose an appropriate display
  // method for your own application.
  Console.WriteLine( template, content );
}
private static string GetTemplate( string decision ) {
  // Retrieves the text that corresponds to the decision.
  if ("ACCEPT".Equals( decision )) {
    return( "The order succeeded.{0}" );
  }
}
  if ("REJECT".Equals( decision )) {
    return( "Your order was not approved.{0}" );
  }
  
  // ERROR, or an unknown decision
  return( "Your order could not be completed at this time.{0}" +
          "\nPlease try again later." );
private static string GetContent( 
  XmlNode replyMessage, XmlNamespaceManager nsmgr ) {
  /*
   * Uses the reason code to retrieve more details to add to the template.
   *
   * The messages returned in this example are meant to demonstrate how to retrieve
   * the reply fields. Your application should display user-friendly messages.
   */
  string textVal = replyMessage.SelectSingleNode( 
    "cybs:reasonCode/text()", nsmgr ).Value;
  int reasonCode = int.Parse( textVal );
  switch (reasonCode) {
    // Success
    case 100:
      return( "\nRequest ID: " +
        replyMessage.SelectSingleNode( 
          "cybs:requestID/text()", nsmgr ).Value );
    // Missing field or fields
    case 101:
      return( "\nThe following required fields are missing: " +
              EnumerateValues( replyMessage.SelectNodes(
                "cybs:missingField/text()", nsmgr ) ) );
    // Invalid field or fields
    case 102:
      return( "\nThe following fields are invalid: " +
              EnumerateValues( replyMessage.SelectNodes(
                "cybs:invalidField/text()", nsmgr ) ) );
    // Insufficient funds
    case 204:
      return( "\nInsufficient funds in the account. Please use a " +
              "different card or select another form of payment." );
    // Add additional reason codes here that you must handle more specifically.
    default:
      // For all other reason codes (for example, unrecognized reason codes, or
      // codes that do not require special handling), return an empty string.
      return( String.Empty );
  }
}
private static string EnumerateValues( XmlNodeList nodes ) {
  System.Text.StringBuilder sb = new System.Text.StringBuilder();
  foreach (XmlNode node in nodes) {
    sb.Append( val + "\n" );
  }
  return( sb.ToString() );
}

If you authorize and capture the credit card payment at the same time, treat the
REVIEW
response like a
REJECT
response. Rejecting any orders that are marked for review may be appropriate if your product is a software download or access to a Web site. If supported by your processor, you may also want to reverse the authorization.
If you approve the order after reviewing it, convert the order status to
ACCEPT
in your order management system. You can request the credit card capture without requesting a new authorization.
If you approve the order after reviewing it but cannot convert the order status to
ACCEPT
in your system, request a new authorization for the order. When processing this new authorization, you must disable
Decision Manager
. Otherwise the order will be marked for review again. For details about the API field that disables
Decision Manager
, see the
Decision Manager
User Guide
.

<businessRules>
    <ignoreAVSResult>true</ignoreAVSResult>
</businessRules>

Search for the transaction in the
Business Center
(depending on which one you normally use), look at the description of the error on the Transaction Detail page, and call your processor to determine if and why they are rejecting the transaction.
Contact
Cybersource
Customer Support to confirm whether your error is truly caused by a
Cybersource
system issue.

The directory that contains your security key
The location of the
Cybersource
server

Collects information for the Cybersource services that you will use
Assembles the order information into requests
Sends the requests to the Cybersource server
The Cybersource servers do not support persistent HTTP connections.
Processes the reply information

using System;
using System.Net;
using System.Security.Cryptography;
using System.ServiceModel;
using System.ServiceModel.Security;
using CyberSource.Clients;
using CyberSource.Clients.SoapWebReference;

RequestMessage request = new RequestMessage();

request.merchantID = "infodev";

request.ccAuthService = new CCAuthService();
request.ccAuthService.run = "true";

request.ccAuthService = new CCAuthService();
request.ccAuthService.run = "true";
request.ccCaptureService = new CCCaptureService();
request.ccCaptureService.run = "true";

BillTo billTo = new BillTo();
billTo.firstName = "Jane";
billTo.lastName = "Smith";
request.billTo = billTo;
Card card = new Card();
card.accountNumber = "4111111111111111";
request.card = card;
// there is one item in this sample
request.item = new Item[1];
Item item = new Item();
item.id = "0";
item.unitPrice = "29.95";
request.item[0] = item;

try {
  ReplyMessage reply = 
SoapClient.RunTransaction( request );
  SaveOrderState();
  // Using the Decision and Reason Code describes the ProcessReply
  // method.
  ProcessReply( reply );
} catch (CryptographicException ce) {
  SaveOrderState();
  Console.WriteLine( ce.ToString() );
  Console.WriteLine( sbe.ToString() );
} catch (WebException we) {
  SaveOrderState();
  /*
   * Some types of WebException indicate that the transaction may have been
   * completed by CyberSource. The sample code shows how to identify these exceptions.
   * If you receive such an exception, and your request included a payment service,
   * you should use the Cybersource transaction search screens to determine whether
   * the transaction was processed.
   */
  Console.WriteLine( we.ToString() );
}
private static void SaveOrderState() {
  /*
   * This is where you store the order state in your system for post-transaction
   * analysis. Be sure to store the consumer information, the values of the reply
   * fields, and the details of any exceptions that occurred.
   */
}

decision
: A one-word description of the results of your request. The decision is one of the following:
ACCEPT
if the request succeeded
REJECT
if one or more of the services in the request was declined
REVIEW
if you use
Decision Manager
and it flags the order for review. See For Cybersource Advanced Merchants: Handling Decision Manager Reviews for more information.
ERROR
if there was a system error. See Retrying When System Errors Occur for important information about handling retries in the case of system errors.
reasonCode
: A numeric code that provides more specific information about the results of your request.

private static bool ProcessReply( ReplyMessage reply ) {
  string template = GetTemplate( reply.decision.ToUpper() );
  string content  = GetContent( reply );
  // This example writes the message to the console. Choose an appropriate display
  // method for your own application.
  Console.WriteLine( template, content );
}
private static string GetTemplate( string decision ) {
  // Retrieves the text that corresponds to the decision.
  if ("ACCEPT".Equals( decision )) {
    return( "The order succeeded.{0}" );
  }
  if ("REJECT".Equals( decision )) {
    return( "Your order was not approved.{0}" );
  }
  
  // ERROR, or an unknown decision
  return( "Your order could not be completed at this time.{0}" +
          "\nPlease try again later." );
}
private static string GetContent( ReplyMessage reply ) {
  /*
   * Uses the reason code to retrieve more details to add to the template.
   * The messages returned in this example are meant to demonstrate how to retrieve
   * the reply fields. Your application should display user-friendly messages.
   */
  int reasonCode = int.Parse( reply.reasonCode );
  switch (reasonCode) {
    // Success
    case 100:
      return( "\nRequest ID: " + reply.requestID );
    // Missing field or fields
    case 101:
      return( "\nThe following required fields are missing: " +
              EnumerateValues( reply.missingField ) );
    // Invalid field or fields
    case 102:
      return( "\nThe following fields are invalid: " +
              EnumerateValues( reply.invalidField ) );
    // Insufficient funds
    case 204:
      return( "\nInsufficient funds in the account. Please use a " +
              "different card or select another form of payment." );
    // Add additional reason codes here that you must handle more specifically.
    default:
      // For all other reason codes, such as unrecognized reason codes or codes
      // that do not require special handling, return an empty string.
      return( String.Empty );
  }
}
private static string EnumerateValues( string[] array ) {
  System.Text.StringBuilder sb = new System.Text.StringBuilder();
  foreach (string val in array) {
    sb.Append( val + "\n" );
  }
  return( sb.ToString() );
}

If you authorize and capture the credit card payment at the same time, treat the
REVIEW
response like a
REJECT
response. Rejecting any orders that are marked for review may be appropriate if your product is a software download or access to a Web site. If supported by your processor, you may also want to reverse the authorization.
If you approve the order after reviewing it, convert the order status to
ACCEPT
in your order management system. You can request the credit card capture without requesting a new authorization.
If you approve the order after reviewing it but cannot convert the order status to
ACCEPT
in your system, request a new authorization for the order. When processing this new authorization, you must disable
Decision Manager
. Otherwise the order will be marked for review again. For details about the API field that disables
Decision Manager
, see the
Decision Manager
User Guide
.

BusinessRules businessRules = new BusinessRules();
businessRules.ignoreAVSResult = "true";
request.businessRules = businessRules;

Search for the transaction in the
Business Center
(depending on which one you normally use), look at the description of the error on the Transaction Detail page, and call your processor to determine if and why the transaction was rejected.
Contact
Cybersource
Customer Support to confirm whether your error is truly caused by a
Cybersource
system issue.

ServicePoint sp = ServicePointManager.FindServicePoint(uri);
sp.ConnectionLimit = config.ConnectionLimit;

<system.net>
  <connectionManagement>
    <add address = "https://ics2wstesta.ic3.com" maxconnection = "12" />
    <add address = "https://ics2wsa.ic3.com" maxconnection = "12" />
    <add address = "*" maxconnection = "2" />
  </connectionManagement>
</system.net>

ServicePointManager.DefaultConnectionLimit = your_value_here;

Managing Connections in the
.Net Framework Developer's Guide
(http://msdn2.microsoft.com/en-us/library/7af54za5.aspx).

<?xml version="1.0"?>
<configuration>
   <appSettings>
      <add key="cybs.merchantID" value="your_merchant_id"/>
      <add key="cybs.keysDirectory" value="c:\keys"/>
      <add key="cybs.sendToProduction" value="false"/>
      <!-- Logging should normally be disabled in production as it would  -->
      <!-- slow down the processing.  Enable it only when troubleshooting -->
      <!-- an issue.                                                      -->
      <add key="cybs.enableLog" value="false"/>
      <add key="cybs.logDirectory" value="C:\Program Files\CyberSource Corporation\simapi-net-2.0-5.0.0\logs"/>
      <!-- Please refer to the Connection Limit section in the README for -->
      <!-- details on this setting and alternate ways to set the          -->
      <!-- connection limit.  When not specified or is set to -1, the     -->
      <!-- client will implicitly use the connection limit currently in   -->
      <!-- force, which would be 2 if none of the alternate methods are   -->
      <!-- used.                                                          -->
      <add key="cybs.connectionLimit" value="-1"/>
   </appSettings>
</configuration>

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Checkout.aspx.vb" 
Inherits="NVP" Debug="true"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
   <title>Name Value Pair - Order Page</title>
</head>
<body>
<form action="Checkout2.aspx" method="post">
Please confirm the information below and click the Submit button to perform the
authorization.
<br/>
   <h3>Billing Information</h3>
   First Name:<br/>
   <input type="text" name="billTo_firstName" value="John"/>
   <br/>Last Name:<br/>
   <input type="text" name="billTo_lastname" value="Doe"/>
   <br/>Street Address:<br/>
   <input type="text" name="billTo_street1" value="1295 Charleston Road"/>
   <br/>City:<br/>
   <input type="text" name="billTo_city" value="Mountain View"/>
   <br/>State:<br/>
   <input type="text" name="billTo_state" value="CA"/>
   <br/>Postal Code:<br/>
   <input type="text" name="billTo_postalCode" value="94043"/>
   <br/>Country:<br/>
   <input type="text" name="billTo_country" value="US"/>
   <br/>
   <h3>Credit Card Information</h3>
   Amount:<br/>
   <input type="text" name="item_0_unitPrice" value="10.00"/>
   <br/>Credit Card Number:<br/>
   <input type="text" name="card_accountNumber" value="4111111111111111"/>
   <br/>Expiration month (mm):<br/>
   <input type="text" name="card_expirationMonth" value="12"/>
   <br/>Expiration year (yyyy):<br/>
   <input type="text" name="card_expirationYear" value="2010"/>
   <br/>Email Address:<br/>
   <input type="text" name="billTo_email" value="nobody@cybersource.com"/>
   <br/><input type="submit" value="Submit"/>
</form>
</body>
</html>

Partial Class NVP
   Inherits System.Web.UI.Page
End Class

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Checkout2.aspx.vb" 
Inherits="NVP2" Debug="true"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
   <title>Name Value Pair - Receipt</title>
</head>
<body>
   <form id="form1" runat="server">
   <div>
   </div>
   </form>
</body>
</html>

Imports CyberSource.Clients.NVPClient
Partial Class NVP2
   Inherits System.Web.UI.Page
   Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
      'Declare the request hashtable
      Dim oRequest As New Hashtable
      'Add non-user input fields
      oRequest.Add("ccAuthService_run", "true")
      oRequest.Add("merchantReferenceCode", "MRC-5254555")
      'Add user input fields from post
      oRequest.Add("billTo_firstName", Request.Form("billTo_firstName"))
      oRequest.Add("billTo_lastName", Request.Form("billTo_lastName"))
      oRequest.Add("billTo_street1", Request.Form("billTo_street1"))
      oRequest.Add("billTo_city", Request.Form("billTo_city"))
      oRequest.Add("billTo_state", Request.Form("billTo_state"))
      oRequest.Add("billTo_postalCode", Request.Form("billTo_postalCode"))
      oRequest.Add("billTo_country", Request.Form("billTo_country"))
      oRequest.Add("billTo_email", Request.Form("billTo_email"))
      oRequest.Add("card_accountNumber", Request.Form("card_accountNumber"))
      oRequest.Add("card_expirationMonth", Request.Form("card_expirationMonth"))
      oRequest.Add("card_expirationYear", Request.Form("card_expirationYear"))
      oRequest.Add("item_0_unitPrice", Request.Form("item_0_unitPrice"))
      oRequest.Add("purchaseTotals_currency", "USD")
      'Declare the reply hashtable
      Dim varReply As New Hashtable
      'Run the transaction
      varReply = CyberSource.Clients.NVPClient.RunTransaction(oRequest)
      'Print reply data to the browser
      Response.Write("reasonCode: " & varReply("reasonCode").ToString)
      Response.Write("<BR>Decision: " & varReply("decision").ToString)
      Response.Write("<BR>RequestID: " & varReply("requestID").ToString)
      Response.Write("<BR>Merchant Reference Code: " & varReply("merchantReferenceCode").ToString)
   End Sub
End Class

Name-value pairs: simpler to use. The test that you run immediately after installing the client uses name-value pairs.
XML: requires you to create and parse XML documents

Name-value pairs: See
AuthCaptureSample.java
in <main directory>
/samples/nvp/src/com/cybersource/sample
.
XML: Before implementing your code to process XML requests, we recommend that you examine the name-value pair sample code listed above.

package com.cybersource.sample;
import java.util.*;
import com.cybersource.ws.client.*;
public class SimpleAuthSample
{
  public static void main( String[] args )
  {
    Properties props = Utility.readProperties( args );
    HashMap request = new HashMap();
    // In this sample, we are processing a credit card authorization.
    request.put( "ccAuthService_run", "true" );
    // Add required fields
    request.put( "merchantReferenceCode", "MRC-14344" );
    request.put( "billTo_firstName", "Jane" );
    request.put( "billTo_lastName", "Smith" );
    request.put( "billTo_street1", "1295 Charleston Road" );
    request.put( "billTo_city", "Mountain View" );
    request.put( "billTo_state", "CA" );
    request.put( "billTo_postalCode", "94043" );
    request.put( "billTo_country", "US" );
    request.put( "billTo_email", "jsmith@example.com" );
    request.put( "card_accountNumber", "4111111111111111" );
    request.put( "card_expirationMonth", "12" );
    request.put( "card_expirationYear", "2010" );
    request.put( "purchaseTotals_currency", "USD" );
    // This sample order contains two line items.
    request.put( "item_0_unitPrice", "12.34" );
    request.put( "item_1_unitPrice", "56.78" );
    // Add optional fields here according to your business needs.
    // For information about processing the reply,
    // see Using the Decision and Reason Code Fields.
    try
    {
        HashMap reply = Client.runTransaction( request, props );
    }
    catch (ClientException e) {
        if (e.isCritical())
        {
            handleCriticalException( e, request );
        }
    }
    catch (FaultException e) {
        if (e.isCritical())
        {
            handleCriticalException( e, request );
        }    
    }
  }
}

This client is supported on the Windows 2000/XP/2003, Linux, and Solaris platforms.
The minimum Java SDK supported are Oracle or IBM Java SDK 1.6 or later. Depending on the package that you choose, you also need one of these:
For Oracle Java SDK versions earlier than 1.4.0, you need the Java Secure Socket Extension (JSSE) 1.0.3_02 or later (see http://java.sun.com/products/jsse).
For IBM Java SDK, you need IBMJSEE 1.0.2 or later.
Maven 3 or later.
Unlimited Strength Jurisdiction Policy files from Oracle® (
US_export_policy.jar
and
local_policy.jar
), available at: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

Collect information for the
Cybersource
services that you will use
Assemble the order information into requests
Send the requests to the
Cybersource
server
The
Cybersource
servers do not support persistent HTTP connections.
Process the reply information

import java.util.*;
import com.cybersource.ws.client.*;

Properties props = Utility.readProperties( args );

HashMap request = new HashMap();

request.put( "ccAuthService_run", "true" );

request.put( "ccAuthService_run", "true" );
request.put( "ccCaptureService_run", "true" );

request.put( "businessRules_ignoreAVSResult", "true" );

request.put( "billTo_firstName", "Jane" );
request.put( "billTo_lastName", "Smith" );
request.put( "card_accountNumber", "4111111111111111" );
request.put( "item_0_unitPrice", "29.95" );

try {
  HashMap reply = Client.runTransaction( request, props );
  //Using the Decision and Reason Code Fields illustrates how you
  //might design a ProcessReply() method to handle the reply.
  processReply( reply );
}
catch (FaultException e)
{
  System.out.println( e.getLogString() );
}
catch (ClientException e)
{
  System.out.println( e.getLogString() );
}

decision
: A one-word description of the results of your request. The possible values are as follows:
ACCEPT
if the request succeeded.
REJECT
if one or more of the services in the request was declined.
REVIEW
(Advanced package only) if you use
Decision Manager
, and the order is marked for review. For more information, see Handling Decision Manager Reviews (Cybersource Advanced Services Only).
ERROR
if a system error occurred. For more information, see Handling System Errors.
reasonCode
: A numeric code that provides more specific information about the results of your request.

private static boolean processReply( HashMap reply )
  throws ClientException {
    MessageFormat template = new MessageFormat(
    getTemplate( (String) reply.get( "decision" ) ) );
    Object[] content = { getContent( reply ) };
    /*
     * This example writes the message to the console. Choose an appropriate display
     * method for your own application.
     */
    System.out.println( template.format( content ) );
}
private static String getTemplate( String decision ) {
  // Retrieves the text that corresponds to the decision.
  if ("ACCEPT".equalsIgnoreCase( decision )) {
    return( "Your order was approved.{0}" );
  }
  if ("REJECT".equalsIgnoreCase( decision )) {
    return( "Your order was not approved.{0}" );
  }
  // ERROR
  return( "Your order cannot be completed at this time.{0}" +
          "\nPlease try again later." );
}
private static String getContent( HashMap reply )
  throws ClientException {
  /*
   * Uses the reason code to retrieve more details to add to the template.
   * The strings returned in this sample are meant to demonstrate how to retrieve
   * the reply fields. Your application should display user-friendly messages.
   */
  int reasonCode =
    Integer.parseInt( (String) reply.get( "reasonCode" ) );
  switch (reasonCode) {
    // Success
    case 100:
      return( "\nRequest ID: " + (String) reply.get( "requestID" );
    // Missing field or fields
    case 101:
      return( "\nThe following required field(s) are missing:\n" +
              enumerateValues( reply, "missingField" ) );
    // Invalid field or fields
    case 102:
      return( "\nThe following field(s) are invalid:\n" +
               enumerateValues( reply, "invalidField" ) );
    // Insufficient funds
    case 204:
      return( "\nInsufficient funds in the account. Please use a different " +
              "card or select another form of payment." );
    // Add additional reason codes here that you must handle specifically.
    default:
      // For all other reason codes (for example, unrecognized reason codes, or
      // codes that do not require special handling), return an empty string.
      return( "" );
  }
}
private static String enumerateValues( Map reply, String fieldName ) {
  StringBuffer sb = new StringBuffer();
  String key, val = "";
  for (int i = 0; ; ++i) {
    key = fieldName + "_" + i;
    if (!reply.containsKey( key )) {
      break;
    }
    val = (String) reply.get( key );
    if (val != null) {
      sb.append( val + "\n" );
    }
  }
  return( sb.toString() );
}

If you authorize and capture the credit card payment at the same time, treat the
REVIEW
response like a
REJECT
response. Rejecting any orders that are marked for review may be appropriate if your product is a software download or access to a Web site. If supported by your processor, you may also want to reverse the authorization.
If you approve the order after reviewing it, convert the order status to
ACCEPT
in your order management system. You can request the credit card capture without requesting a new authorization.
If you approve the order after reviewing it but cannot convert the order status to
ACCEPT
in your system, request a new authorization for the order. When processing this new authorization, you must disable
Decision Manager
. Otherwise the order will be marked for review again. For details about the API field that disables
Decision Manager
, see the
Decision Manager
User Guide
.

Find the transaction in the
Business Center
. After looking at the description of the error on the transaction details page, call your processor to determine if and why the transaction was rejected. If your processor is
TSYS Acquiring Solutions
, you may want to follow this option because this processor can return several system errors that only it can address.
Contact
Cybersource
Customer Support to determine whether the error is caused by a
Cybersource
system issue.

Collect information for the
Cybersource
services that you will use
Assemble the order information into requests
Send the requests to the
Cybersource
server
The
Cybersource
servers do not support persistent HTTP connections.
Process the reply information

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.18">
</requestMessage>

   Namespace: urn:schemas-cybersource-com:transaction-data-
   
1.18

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-
1.18">
  <ccAuthService run="true"/>
</requestMessage>

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.18">
  <ccAuthService run="true"/>
  <ccCaptureService run="true"/>
</requestMessage>

<businessRules>
    <ignoreAVSResult>true</ignoreAVSResult>
</businessRules>

<?xml version="1.0" encoding="utf-8"?>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-
1.18">
  <billTo>
    <firstName>Jane</firstName>
    <lastName>Smith</lastName>
  </billTo>
  <item id="0">
    <unitPrice>29.95</unitPrice>
  </item>
  <card>
    <accountNumber>4111111111111111</accountNumber>
  </card>
  <ccAuthService run="true"/>
</requestMessage>

import java.io.*;
import java.util.*;
import javax.xml.parsers.*;
import org.w3c.dom.*;
import org.xml.sax.*;
import com.cybersource.ws.client.*;

Properties props = Utility.readProperties( args );

try {
  Document request = readRequest( props, args );
  // The sample reads the files specified in the command line, or if no files are
  // specified, the sample looks for cybs.properties and auth.xml in the current
  // directory.
  Document reply = XMLClient.runTransaction( request, props );
  // Using the Decision and Reason Code Fields illustrates how you might
  // design a ProcessReply() method to handle the reply.
  processReply( reply );
}
catch (FaultException e)
{
  e.printStackTrace();
  System.out.println( e.getLogString() );
}
catch (ClientException e)
{
  e.getInnerException().printStackTrace();
  System.out.println( e.getLogString() );
}

decision
: A one-word description of the results of your request:
ACCEPT
if the request succeeded.
REJECT
if one or more of the services in the request was declined.
REVIEW
(Advanced package only) if you use
Decision Manager
, and the order is marked for review. For more information, see Handling Decision Manager Reviews (Cybersource Advanced Merchants).
ERROR
if a system error occurred. For more information, see Handling System Errors.
reasonCode
: A numeric code that provides more specific information about the results of your request.

private static boolean processReply( Document reply )
  throws ClientException {
  // The following code allows you to use XPath with the Cybersource schema, which
  // uses a non-empty default namespace.
  XPathAPI xp = new XPathAPI();
  Element nsNode = reply.createElement( "nsNode" );
  // The version number (1.20) at the end of the namespaceURI below is an example.
  // Change it to the version of the API that you are using.
  nsNode.setAttribute("xmlns:cybs", "urn:schemas-cybersource-com:transaction-data

    -1.20" );
  Node replyMessage =
    getNode( xp, reply, "cybs:replyMessage", nsNode );
  String decision =
    getText( xp, replyMessage, "cybs:decision", nsNode );		
  MessageFormat template =
    new MessageFormat( getTemplate( decision ) );
  Object[] content = { getContent( xp, replyMessage, nsNode ) };
  /*
   * This example writes the message to the console. Choose an appropriate display
   * method for your own application.
   */
  System.out.println( template.format( content ) );
}
  private static String getTemplate( String decision ){
    // Retrieves the text that corresponds to the decision.
    if ("ACCEPT".equalsIgnoreCase( decision )) {
      return( "Your order was approved.{0}" );
    }
    if ("REJECT".equalsIgnoreCase( decision )) {
      return( "Your order was not approved.{0}" );
    }
    // ERROR, or unknown decision
    return( "Your order cannot be completed at this time.{0}" +
            "\nPlease try again later." );
}
private static String getContent(
  XPathAPI xp, Node ctxNode, Node nsNode )
  throws XMLClientException {
  /*
   * Uses the reason code to retrieve more details to add to the template.
   * The strings returned in this sample are meant to demonstrate how to retrieve
   * the reply fields. Your application should display user-friendly messages.
   */
  int reasonCode = Integer.parseInt(
    getText( xp, ctxNode, "cybs:reasonCode", nsNode ) );
  switch (reasonCode) {
    // Success
    case 100:
      return ( "\nRequest ID: " +
        getText( xp, ctxNode, "cybs:requestID", nsNode ) );
    // Missing field or fields
    case 101:
      return( "\nThe following required field(s) are missing:\n" +
      enumerateValues( xp, ctxNode, "cybs:missingField", nsNode ) );
    // Invalid field or fields
    case 102:
      return( "\nThe following field(s) are invalid:\n" +
      enumerateValues( xp, ctxNode, "cybs:invalidField", nsNode ) );
    // Insufficient funds
    case 204:
      return( "\nInsufficient funds in the account. Please use a " +
              "different card or select another form of payment." );
    // Add additional reason codes here that you must handle specifically.
    default:
      // For all other reason codes (for example, unrecognized reason codes, or
      // codes that do not require special handling), return an empty string.
      return( "" );
  }
}
private static String enumerateValues(
  XPathAPI xp, Node ctxNode, String xpath, Node nsNode )
  throws TransformerException {
  try {
    StringBuffer sb = new StringBuffer();
    NodeList list =
      xp.selectNodeList( ctxNode, xpath + "/text()", nsNode );
    if (list != null) {
      for (int i = 0, len = list.getLength(); i < len; ++i) {
        sb.append( list.item( i ).getNodeValue() + "\n" );
      }
    }
    return( sb.toString() );
  }
}

If you authorize and capture the credit card payment at the same time, treat the
REVIEW
response like a
REJECT
response. Rejecting any orders that are marked for review may be appropriate if your product is a software download or access to a Web site. If supported by your processor, you may also want to reverse the authorization.
If you approve the order after reviewing it, convert the order status to
ACCEPT
in your order management system. You can request the credit card capture without requesting a new authorization.
If you approve the order after reviewing it but cannot convert the order status to
ACCEPT
in your system, request a new authorization for the order. When processing this new authorization, you must disable
Decision Manager
. Otherwise the order will be marked for review again. For details about the API field that disables
Decision Manager
, see the
Decision Manager
User Guide
.

Find the transaction in the
Business Center
. After looking at the description of the error on the transaction details page, call your processor to determine if and why the transaction was rejected. If your processor is
TSYS Acquiring Solutions
, you may want to follow this option because this processor can return several system errors that only it can address.
Contact
Cybersource
Customer Support to determine whether the error is caused by a
Cybersource
system issue.

Test server URLs:
Internet endpoint:
https://ics2wstest.ic3.com/commerce/1.x/transactionProcessor
Akamai endpoint:
https://ics2wstesta.ic3.com/commerce/1.x/transactionProcessor
Production server URLs:
Internet endpoint:
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
Akamai endpoint:
https://ics2wsa.ic3.com/commerce/1.x/transactionProcessor
India endpoint:
https://ics2ws.in.ic3.com/commerce/1.x/transactionProcessor
Namespace URI:
urn:schemas-cybersource-com:transaction-data-1.18
.

merchant123.enableLog=true
enableLog=false

java -Dcybs.enableLog=false -Dcybs.merchant123.enableLog=true
myApplication

java.net.MalformedURLException: unknown protocol: https

Name-value pairs, which are simpler to use than XML
XML, which requires you to create and parse XML documents

// Load the configuration settings
$config = cybs_load_config( 'cybs.ini' );
// set up the request by creating an array and adding fields to it
$request = array();
// We want to do credit card authorization in this example
$request['ccAuthService_run'] = "true";
// Add required fields
$request['merchantID'] = 'infodev';
$request['merchantReferenceCode'] = 'MRC-14344';
$request['billTo_firstName'] = 'Jane';
$request['billTo_lastName'] = 'Smith';
$request['billTo_street1'] = '1295 Charleston Road';
$request['billTo_city'] = 'Mountain View';
$request['billTo_state'] = 'CA';
$request['billTo_postalCode'] = '94043';
$request['billTo_country'] = 'US';
$request['billTo_email'] = 'jsmith@example.com';
$request['card_accountNumber'] = '4111111111111111';
$request['card_expirationMonth'] = '12';
$request['card_expirationYear'] = '2010';
$request['purchaseTotals_currency'] = 'USD';
// This example has two items
$request['item_0_unitPrice'] = '12.34';
$request['item_1_unitPrice'] = '56.78';
// Add optional fields here according to your business needs
// Send request
$reply = array();
$status = cybs_run_transaction( $config, $request, $reply );
// Handle the reply. See Handling the Return Status

Name-value pairs: See
authCaptureSample.php
in <installation directory>
/samples/nvp
.
XML: We suggest that you examine the name-value pair sample code listed above before implementing your code to process XML requests.

Linux kernel 2.2, LibC6 on an Intel processor (for RedHat users, this currently corresponds to versions 7.1 and 7.2)
PHP4 (minimum version 4.2.1) or PHP5 (5.0.0–5.0.3 and 5.1.0-5.1.2)
GNU GCC

Windows XP, 2000, or newer
Minimum PHP version 4.2.1