I’ve seen a few possibilities in the forum for API HOST URLS, but none have helped. It seems adding :8443 worked and then didn’t … it loses it’s validation. I continue to receive?“The CardConnect credentials you have appear to be invalid.” As well as the testing credentials I’ve used previously (back in Nov 2023) will not validate either.

Production URLs Used/tested: Most are from a CardConnect/CardPointe representative. I’ve tested in multiple browers. Authorize.net works seemlessly.
fts.cardconnect.com:6443 (this is a API HOST that worked for a second)
fts.cardconnect.com:8443
fts.cardconnect.com/cardconnect/rest
https://fts.cardconnect.com/cardconnect/rest
https://fts.cardconnect.com/cardconnect/rest/

ISV Integration said to reach out to gravity forms or the CardConnect plugin developer. Hence me submitting.

I have created hook to pass custom fields to card pointe. Further implementation will be needed. It works with no problem for now.

// Add this to your template file or custom code snippet plugin

add_filter('add_custom_field', 'custom_authorize_fields', 10, 6);
function custom_authorize_fields( $request, $feed, $submission_data, $form, $entry, $max_retries ) {
	if ($form['id'] == 33){
	$firstName     = rgpost( 'input_3_3', true );
	$lastName      = rgpost( 'input_3_6', true );
	$customerID    = rgpost( 'input_5' );
	$invoiceNumber = rgpost( 'input_12' );
	$clinicName    = rgpost( 'input_6' );
	$cardHolderName = rgpost( 'input_1_5' );
	$email = rgpost('input_4');
	$telephone = rgpost('input_16');

	
     $request ['email']   = $email;
	 $request['phone'] = $telephone;
     $request['userfields'] = array(
	'firstName'     => $firstName,
	'lastName'      => $lastName,
	'customerID'    => $customerID,
	'invoiceNumber' => $invoiceNumber,
	'company'    => $clinicName,
	'cardHolderName' => $cardHolderName,
);
   
	 }
	

	return $request;
}

// This is inserted in the cardpointe plugin in wp-content/plugins/integration-for-cardconnect-and-gravity-forms/class-gravityforms-cardconnect.php
// Is on line 720. in function authorize()
// $request = apply_filters( 'add_custom_field', $request, $feed, $submission_data, $form, $entry, $max_retries);

On line 713 of class-gravityforms-cardconnect.php, the plugin is passing a field called “street” to the CardPointe API. The actual field that should be passed is “address”. Without this setup properly, AVS checks fail.

For reference: https://developer.cardpointe.com/cardconnect-api#authorization-request

Hi there!

We have had cardonnect reset the creds twice and we still get the same
“The CardConnect credentials you have appear to be invalid.” error. Any tips to get it to work?

Thank you for your help!

Hi, thank you for this valuable plugin. Is it possible and what would be required to submit the credit card data as authorize only? Thanks!

Hello. I have you plugin activated and I did receive the username, pw and API url from cardconnect. But, the URL is invalid. They have given me several, and I also read some of the other posts about this. I tried many per those suggestions but I cannot get this to work. I double and triple checked the username/pw, and they are correct.

Can you please tell me which API URLs work? Thank you.

Hello there,

We are tyring to figure out if AMEX was turned off in the plugin we set up, or if it is controlled elsewhere? When going to our form, it does not show the AMEX logo, but it is turned on in the CardPointe settings.

Is this something you can help provide some direction on?

Thank you,

David

I have entered the test API credentials for CardConnect as shown below:

Merchant ID: [redacted by moderator]

API Username: [redacted by moderator]

API Password: [redacted by moderator]

API Host: https://fts-uat.cardconnect.com/cardconnect/rest/

I am getting an error that says: The CardConnect credentials you have appear to be invalid.

Any thoughts from your side?

Thanks for the help

• This topic was modified 2 years, 6 months ago by Steven Stern (sterndata).
• This topic was modified 2 years, 6 months ago by Steven Stern (sterndata).

Hi Gravity Forms,

I was assisting with a Gravity Forms -> Cardpointe integration and noticed that gravity forms does not currently support custom fields. Could this be added into the roadmap for your development team?

POST request to https://fts.cardconnect.com/cardconnect/rest/auth

{
    "merchid": "omitted",
    "track":" omitted",
    "expiry": "omitted",
    "ecomind": "E",
    "amount": "1",
    "currency": "USD",
    "name": "Cardpointe Test Trnx",
    "capture": "y",
    "userfields": {"customproduct": "This originated with form submission 2", "customdata": "another custom field"}
}

The API call above will send custom fields to the Cardpointe transactions. This is crutial for a merchant because they are looking to identify the exact gravity form used for a payment. This information can surely be found within gravity forms itself, but it’s benefical for this merchant to not allow more users into their wordpress site; as they mostly work inside the cardpointe virtual terminal/website.

Let me know if you need any further information on the “userfield” key.

Hello!

First things first: thank you so much for developing this extension. It’s the only one we found that met the criteria for a client’s integration and it works well in both live and uat environments. That being said, we just went through the user acceptance testing (UAT) for this client to go live and hit some issues with requirements to get accepted that were not possible with this extension:
1. Tokenizing the CC no. (PAN) before sending the authorize request
2. Adding an “ecomind” value to the authorize request

At first these were presented to us as “suggestions” but as the process went on it became clear that we would not be able to go live without meeting these requirements (unless we wanted to pay a 3rd party for level 1 or 2 PCI). These might be new requirements or something, I don’t know. At any rate, I made some changes to the class-gravityforms-cardconnect.php (lines 680-716) in the extension to meet these requirements. Below is the code that I added. The ecomind is an easy one-line addition to the request array. They told me that it could always be set to ‘E’ since it’s eCommerce we are dealing with. Tokenizing the CC no., however, is a bit more involved and requires an API call to a different endpoint before sending the actual auth request. That API call is very simple, though, and only requires one param.

I know this is a bit of a hack to get up and running so I wanted to inquire about getting these changes added to the official code of the extension. Maybe at the very least you could wrap the request array in an apply_filter() call so that we have an official way to modify the data?

Let me know what you think.

Thank you again,
Tate

$url = 'https://xxx-uat.cardconnect.com/cardsecure/api/v1/ccn/tokenize';
$account = rgar( $submission_data, 'card_number' );
$data = json_encode( array( 'account' => $account ) );
$ch = curl_init( $url );
curl_setopt( $ch, CURLOPT_CUSTOMREQUEST, 'POST' );
curl_setopt( $ch, CURLOPT_POSTFIELDS, $data );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Content-Length: ' . strlen( $data ) )
);
$result = curl_exec( $ch );
curl_close( $ch );
$result = json_decode( $result, true );
$token = $result['token'];

$request = array(
	'merchid'  => $this->get_merchant_id(),
	'accttype' => $card_type,
	'account'  => $token,
	'expiry'   => sprintf(
		'%02d%02d',
		rgars( $submission_data, 'card_expiration_date/1' ),
		rgars( $submission_data, 'card_expiration_date/0' )
	),
	'cvv2'     => rgar( $submission_data, 'card_security_code' ),
	'amount'   => $this->get_amount_export( $submission_data['payment_amount'], rgar( $entry, 'currency' ) ),
	'currency' => rgar( $entry, 'currency' ),
	'name'     => rgar( $submission_data, 'card_name' ),
	'street'   => rgar( $submission_data, 'address' ),
	'city'     => rgar( $submission_data, 'city' ),
	'region'   => rgar( $submission_data, 'state' ),
	'country'  => rgar( $submission_data, 'country' ),
	'postal'   => rgar( $submission_data, 'zip' ),
	'tokenize' => 'Y',
	'ecomind'  => 'E'
);

The regex check in get_api_url() is wrong as it’s not accepting hostnames that contain a dash (“-“). For example, I wanted to test against the UAT environment of “fts-uat.cardconnect.com” and this hostname did not pass the regex check.

It would probably be better to use PHP’s FILTER_VALIDATE_DOMAIN validator instead of writing your own regex.

Alternatively, “^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$” seems to be a widely accepted regex for hostname checking.

I updated my local code to use “/^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]):[0-9]+$/“

When a card is processed, even when the user enters in their Card Holder Name, the name is not showing up in CardPointe. That field is just left blank, even though the other information is included, and the card runs correctly. We’re just not sure what could be causing the name to not be pulled in as well.

I have the correct merchant ID, username & password but the API URL is not working. When I use fts.cardconnect.com that does not work and CardConnect doesn’t have any other information to help with this.

Can anyone help me?

I have set up the plugin according to the instructions. I get a success message on connecting to CardConnect in the plugin settings. (The CardConnect credentials you have entered are valid.) I have created a payment form with the most recent Gravity Forms version and then set up a payment feed in the form settings. But when I try to use the form to pay I get the following error: “Invalid merchant”

Thank you for creating this plugin!

The plugin is mostly working, except the amount needs to be multiplied by 100 before sending to the API if you are submitting without decimal places. I attempted a charge of $29 and it went through as $0.29.