Announcement

Collapse
No announcement yet.

Entering incorrect credit card information results in "Authorization Required"

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Entering incorrect credit card information results in "Authorization Required"

    Hi there, getting this error:
    Authorization Required

    You must first log in or register before accessing this page.
    If you have forgotten your password, click Forgot Password to reset it.
    When trying to donate on : MakeWay - Donate (force.com) using an incorrect credit card. so when someone mistypes something its that error. Entering correct information seems to work ok.
    Remote admin is enabled, SFID is: 00D61000000YC6K
    Thank you

  • #2
    Good day @DanMakeway

    In order to login to your Salesforce instance, you will need to generate a temporary code for us so that we can login and review: https://help.salesforce.com/s/articl...ate.htm&type=5
    Regards,
    Click & Pledge Support Department

    On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

    Join us @ the educational webinars: https://clickandpledge.com/webinars/
    Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
    Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

    Comment


    • #3
      How do I securely share the code?

      Comment


      • #4
        DanMakeway

        You can share it here as it can be used only by those you have granted access to your instance. Otherwise, you can also open a support ticket and reference this forum thread with subject Attn: Forum

        Regards,
        Click & Pledge Support Department

        On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

        Join us @ the educational webinars: https://clickandpledge.com/webinars/
        Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
        Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

        Comment


        • #5
          the code is DIBHBLF5DV

          Comment


          • #6
            Good day @DanMakeway

            The code is expired. Would you please share the new code so we can continue the investigation?
            Regards,
            Click & Pledge Support Department

            On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

            Join us @ the educational webinars: https://clickandpledge.com/webinars/
            Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
            Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

            Comment


            • #7
              Here is the new code
              Temporary Code
              92BBRZP3AJ
              Expires
              20/01/2022 6:34 AM

              Comment


              • #8
                Good day DanMakeway

                Your are using the FaaS API platform inside Salesforce. In FaaS we have 3 URL's that are part of the required nodes:

                Please see: https://manual.clickandpledge.com/Fo...rvice_Response
                • Authorization URL
                • Decline URL
                • Error URL
                The above URL's need to be visible to the Site Guest User in Salesforce. In other words, the public visiting the page has to have the right to see all these pages.

                It appears that you have put URL's in these parameters that are not visible to the outside user. Please NOTE that these URL's are NOT part of Click & Pledge's system or in any way or form in our control. These are pages you have defined in Salesforce and since the Site Guest User does not have view access then they see Authorization Required- this is what Salesforce is telling the visitor .. simply they do not have permission to see the page.

                Please review the links you have put for those pages

                Looking at your page's HTML source I see the following:

                Click image for larger version

Name:	URLs.jpg
Views:	62
Size:	81.5 KB
ID:	62252

                If you are seeing an issue when a card declines you need to change the permission for the page you are assigning to the OnDeclineUrl

                Hope that helps. As I stated this is outside our control but make sure Site Guest User has view permission to these pages.

                On a separate NOTE: Please keep in mind that your page does not have reCAPTCHA, at least I do not see it, and your page will be, in a matter of time, target of credit card validation attacks. This is given and we see this over and over again. By using the API you are accepting responsibility for the page, the code, and the attacks if you are not incorporating safety measures. CONNECT forms have a lot of safety features built that are server side and is protected against fraud, whereas your page as it is a custom form is not protected. Just keep this in mind - the probability of attack is quite high on this page.
                Regards,
                Click & Pledge Support Department

                On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

                Join us @ the educational webinars: https://clickandpledge.com/webinars/
                Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
                Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

                Comment


                • #9
                  Hi this is very helpful. I've figured out the issue. the Error and declined pages are throwing an error, because they are also expecting the ID?=XXX paramater. is there a way to have those passed back from the form? Currently I've updated the links to be :
                  <input type="hidden" name="OnSuccessUrl" id="OnSuccessUrl" value="https://makewaygifts.secure.force.com/donate/thanks?id={!dq.id}" />
                  <input type="hidden" name="OnDeclineUrl" id="OnDeclineUrl" value="https://makewaygifts.secure.force.com/donate/declined?id={!dq.id}" />
                  <input type="hidden" name="OnErrorUrl" id="OnErrorUrl" value="https://makewaygifts.secure.force.com/donate/error?id={!dq.id}" />

                  but on an error, it gets overwritten to:
                  /error?id=a3061000000lXOaAAM?err=Cardnumber%20is%20 invalid&hashresponse=ZGEzOWEzZWU1ZTZiNGJkMzI1NWJmZ WY5NTYwMTg5MGFmZDg3OQ==&RefID=web

                  The error is having two ? in the parameters.

                  this is the same issue as this post: Error Redirect fails when an existing ID in the redirect url - ClickandPledge.com Support Forum

                  I've given you access to my login again:
                  Username
                  [email protected]
                  Temporary Code
                  IIYAGIGD01
                  Expires
                  21/01/2022 9:08 PM
                  Last edited by DanMakeway; 01-20-2022, 11:08 PM.

                  Comment


                  • #10
                    Updating with new code

                    Temporary Code
                    ZBKKQJY4QH
                    Expires
                    25/01/2022 7:12 AM

                    Comment


                    • #11
                      DanMakeway

                      We are reviewing your case and get back to you shortly. For now, we don't need SF Temp Code. If needed we will request you.

                      Thank you for your patience.
                      Regards,
                      Click & Pledge Support Department

                      On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

                      Join us @ the educational webinars: https://clickandpledge.com/webinars/
                      Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
                      Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

                      Comment


                      • #12
                        Hi, any updates? thank you

                        Comment


                        • #13
                          Good day @DanMakeway

                          Yes, we have identified an issue with URL parameters with ??. We are working on it and will be addressed as soon as possible. I will update this post once it is fixed.
                          Regards,
                          Click & Pledge Support Department

                          On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

                          Join us @ the educational webinars: https://clickandpledge.com/webinars/
                          Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
                          Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

                          Comment


                          • #14
                            Good day @DanMakeway

                            We have fixed the issue with URL parameters with ??.

                            Please test it and let us know if we can be of any further assistance.
                            Regards,
                            Click & Pledge Support Department

                            On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

                            Join us @ the educational webinars: https://clickandpledge.com/webinars/
                            Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
                            Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

                            Comment

                            Working...
                            X