Skip to main content
Rate this article:

Magento 2 plugin configuration


Prior to installation of the Verifone Hosted cart the following prerequisites must be met

  • A Magento 2 Installation (Version 2.3.x or 2.4.x)
  • sftp/scp and shell access to your server


  1. Download the latest release and extract the archive.
  2. Upload the included Verifone directory to 'app/code/' under your Magento root directory on your server.
  3. Shell into your server and navigate to your Magento root directory.
  4. Install the module by running 'bin/magento setup:upgrade' and 'bin/magento setup:di:compile'.
  5. Login to your Magento admin area to flush your Magento cache under System->Cache Management and reindex all templates under System->Index Management.


In your Magento admin navigate to Stores → Configuration → Sales → Payment Methods. There you should see 'Verifone - Credit Card Hosted Payment'.

  • Enabled - Enables the payment method
  • Title - The customer facing payment method label
  • Test Mode - Targets the test environment or live environment
  • Invoice - Invoice the order automatically when successful
  • New Order Status - Status for new orders (processing or complete should be selected)
  • Region - Region to target
  • 3DS - Enable 3DS for transactions
  • CVV on Payment - Require CVV
  • Enable/Disable cURL verify host and peer - Enable host/SSL verification
  • Credentials (see below)
Release date Build Release notes
  • Hosted checkout support
  • 3DS support
  • Refund Support

Tracking down the credentials

The credentials needed to be able to accept payments via the connector can be also found in Common Portal. 

Username and password

This is the username and password used to login to the common portal. 

Client ID

The client ID is always Common Portal.

Entity ID

The payment contract can be found in the Common Portal / Administration / Organizations. When accessing this page, the Entity ID will be available in the URL:

Magento URL

Payment Contract Id

The payment contract can be found in the Common Portal / Administration / Payment Contract Providers. When accessing the correct payment contract, the Payment Contract Id can be found in the URL:

Magento payment contract


Due to the large number of errors that can appear either in the installation, requests, platform incompatibility, etc this guide will not attempt to cover them all.

It’s highly recommended to visit the help center for more in depth troubleshooting.

All errors that may be logged will be logged in  var/log and var/reports folder.

If for whatever reason they’re not logged there then the option to view the apache or nginx logs always remains a possibility.

Common errors include:

  • Not having the currency of magento 2 set to the one that the payment contract supports.
  • Entity ID, payment contract ID, or 3ds contract ID don’t math the correct entity that they were created for.
  • Enable/Disable cURL verify host and peer being checked but the host server doesn’t have proper TLS certificates.
  • In remote cases not having the correct magento 2 version installed.
  • Make sure that the credentials are correct
  • This includes payment contract ID, Username, Password, Realm, Entity ID, Client ID, etc
  • If you’re using 3ds make sure that the card actually supports 3ds
  • Caching is often an issue with magento 2 so you may want to wipe that out. In the admin area look at the left sidebar for System → Cache Management. By clicking “Flush Magento Cache” in the new opened page you take care of that.
  • If website is down or the assets can’t be found on the server is worth going to the terminal on the server and running several magento 2 deploy commands. Read more about Magento commands.

In most cases the error may not be caused by the plugin itself as much as various other PHP errors and/or warnings.

In any case if the error is caused by a request to the Verifone server then the error message received when the request fails is very informative.

    "code": 116,
    "details": {},
    "timestamp": 1608705038970,
    "message": "Access is restricted to authenticated users only. The query can't be made without a valid JWT (check the Authorization header of your request)."

The above request was denied because the user wasn’t authorized. This is due to an invalid token being present in the Authorization bearer.

This kind of error format will be present on almost all requests that fail and will deliver a concrete error message along with it which it turn will pinpoint the problem precisely.

Rate this article:
Logo of Verifone