Authorize.net: Ability to hide or encrypt the API Login ID and Transaction Key in the wizard.

  • Profile Image
    mkwellness
    Asked on October 19, 2016 at 06:11 PM

    I am currently in the process of setting up a payment integration with Authorize.net. JotForm is requesting that I input a API Login ID and Transaction Key. These are top secret financial codes for the company that I work for, and it is worrisome that the ID and Transaction Key is auto-saved and is brought up for all to see when one accesses the Form Building Integration screen. Is there a way to hide the key somehow so that it is more secure, or to set it up so that the auto-fill recall is disabled?

    Thank you for your insight on this matter and looking forward to your response. 

  • Profile Image
    Kevin_G
    Answered on October 19, 2016 at 06:29 PM

    Unfortunately, the API Login ID and Transaction Key cannot be hidden from the wizard, if you open the payment wizard you will be able to see this info there.

    However, only those with access to your account will be able to see the info you have in the wizard, it means if you're the only one with access to your account then no one else will be able to see the integration info, if you have shared the form with a sub-user account then this sub-user will be able to see the integration key as well. 

    So far there is not a way to hide this info; however, you may also provide us more details about if you have shared your forms with some sub-users or if there are others with your login credentials and you do not need to allow them to see the info you've provided in the integration wizard, we will be glad to forward this to our second level and provide how it should work.

    We'll wait for your response. 

  • Profile Image
    mkwellness
    Answered on October 19, 2016 at 06:37 PM

    Hello and thank you for your prompt response!

    Yes, I have shared my account information with another colleague so that he can create another subcategory online payment system for a sister department with the payment being directed to the same company bank account. I would appreciate it if you would send me the the directions that will prevent others from seeing the login credentials in the integration wizard. 

    Many thanks and will look forward to your reply. 

  • Profile Image
    Kevin_G
    Answered on October 19, 2016 at 11:12 PM

    Unfortunately, this will not be possible at the moment, anyone with access to the form through the form builder will be able to see the API Login ID and Transaction Key, no matter if you have shared your login credentials or if you have shared your form with a sub-user account. 

    I have just tested and I can see this, I will open a feature request about this so the info entered in the integration settings could be protected if anyone else has access to the form.

    Please do note that we cannot provide an ETA about when this may be implemented; however, we will ensure to let you know as soon as we get updates regarding this.