Authentication

Authentication

Last updated: 03-Apr-2024
Rate this article:

Overview

Use the login method for the authentication process in the 2Checkout system.

Parameters

Parameters Type/Description
merchantCode required (string)
  Your merchant identifier (received from 2Checkout).
date required (string)
  UTC ISO Date format (e.g. 2010-01-01 12:13:14)
hash required (string)
  Calculated HMAC_SHA256 signature based on MerchantCode and Date, using your secret key (see example below).

Response

Parameter Type/Description

sessionID

string
  Session identifier string. An exception will be thrown if the values are incorrect. The sessionID expires in 10 minutes.

Request

To create the HMAC_SHA256 source string use your merchant code (available here) and the date of the request, prefixing them with the length in bytes of each respective value, along with your account’s secret key (for UTF-8 characters the length in bytes might be longer than the string length). For example:

Parameters Type/Description

merchantCode

Avangate

 

8AVANGATE

 

date

2010-05-13 12:12:12

 

192010-05-13 12:12:12

 

HMAC source string

8AVANGATE192010-05-13 12:12:12

 

 

 

Secret key

SECRET_KEY

 

 

Calculated HMAC_SHA256 signature based on MerchantCode and Date, using your secret key:

bf763db7d333e9c3038698cf59ada3e6

Request Example 

<?php

$host = "https://api.avangate.com/channel-manager";

$merchantCode = "YOUR_MERCHANT_CODE";// your account's merchant code available in the 'System settings' area of the Control Panel: https://secure.2checkout.com/cpanel/account_settings.php
$key = "YOUR_SECRET_KEY";// your account's secret key available in the 'System settings' area of the Control Panel: https://secure.2checkout.com/cpanel/account_settings.php
$algo = "sha256";
$now = date('Y-m-d H:i:s'); //date_default_timezone_set('UTC')

$string = strlen($merchantCode) . $merchantCode . strlen($now) . $now;
$hash = hash_hmac($algo, $string, $key);

try {
    $client = new SoapClient($host . "/2.1/soap/?wsdl", [
        'location'       => $host . "/2.1/soap/",
        "stream_context" => stream_context_create([
            'ssl' => [
                'verify_peer'      => false,
                'verify_peer_name' => false
            ]
        ])
    ]);
    $sessionID = $client->login($merchantCode, $now, $hash, $algo);
    echo("Token: {$sessionID}" . PHP_EOL);
} catch (SoapFault $e) {
    echo("Error: {$e->getMessage()}" . PHP_EOL);
}

?>

Errors

Error Description

AUTHENTICATION_FAILED

Authentication failed

FORBIDDEN

Forbidden area

 

Related articles

Add a digital catalog product with auto-applied order promotion

Checkout with expiration using the signature in InLine Cart

Signature validation for return URL via InLine checkout

Rate this article:

Need help?

Do you have a question? If you didn’t find the answer you are looking for in our documentation, you can contact our Support teams for more information. If you have a technical issue or question, please contact us. We are happy to help.

Get in touch

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business, wherever you want to sell, in-person or online. Our team of experts will happily discuss your needs.

Contact sales Get Started
Verifone logo