I’m trying to use Hosted Vault. When vault profile is created, its response (HTTP request from esqa.moneris.com) doesn’t contain any transactionKey. I see it only in Moneris documentation.
The received POST contains the following content:
Array ( [data_key] => xXy9EhyQ1phWlom94wlCnbZb5 [cust_id] => [date_stamp] => 2020-06-17 [time_stamp] => 14:55:32 [response_code] => 001 [message] => Successfully registered CC details. [res_success] => true [payment_type] => cc [cardholder] => Test XV [expiry_date] => 2101 [f4l4] => 3566***5365 [result] => 1 [avs_response_code] => null [cvd_response_code] => null [issuer_id] => null )
The console in my browser contains the same data.
Please could you help me to get transactionKey?
I found it. It has to be enabled in Hosted Vault Configuration. That is quite surprising... I expect that it should be default behavior because using any data from a request without validation is really insecure and these data can come from anywhere.