Sample code for 30+ languages & platforms
C#

Cybersource Process Payment

Process a Payment. Demonstrates how to send a POST request to the Cybersource API with HTTP signature authorization.

Chilkat C# Downloads

C#
bool success = false;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

Chilkat.JsonObject json = new Chilkat.JsonObject();

// Create the following JSON:
// 
// {
//   "keyId": "aaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
//   "hmacKey": "Bx42CFD+cp++kMdkmavDMqVCN6YwNQ0M1bRmcxsLal5=",
//   "algorithm": "HmacSHA256",
//   "headers": [
//     "host",
//     "(request-target)",
//     "digest",
//      "v-c-merchant-id"
//   ]
// }

// Substitute your actual API key and API secret in place of "api-key" and "api-secret"
json.UpdateString("keyId","api-key");
json.UpdateString("hmacKey","api-secret");
json.UpdateString("algorithm","HmacSHA256");

// Indicate the names of the headers to be included in the signature.
// "(request-target)" is not actually a header name, but is a special name for HTTP signatures.
// Copy the following three lines of code exactly as-is.  
// Do not replace "host", "date", or "(request-target)" with values.
json.UpdateString("headers[0]","host");
json.UpdateString("headers[1]","(request-target)");
json.UpdateString("headers[2]","digest");
json.UpdateString("headers[3]","v-c-merchant-id");

// Build the following JSON to be sent in the request body:

// {
//   "clientReferenceInformation": {
//     "code": "TC50171_3"
//   },
//   "paymentInformation": {
//     "card": {
//       "number": "4111111111111111",
//       "expirationMonth": "12",
//       "expirationYear": "2031"
//     }
//   },
//   "orderInformation": {
//     "amountDetails": {
//       "totalAmount": "102.21",
//       "currency": "USD"
//     },
//     "billTo": {
//       "firstName": "John",
//       "lastName": "Doe",
//       "address1": "1 Market St",
//       "locality": "san francisco",
//       "administrativeArea": "CA",
//       "postalCode": "94105",
//       "country": "US",
//       "email": "test@cybs.com",
//       "phoneNumber": "4158880000"
//     }
//   }
// }

// Use this online tool to generate code from sample JSON: 
// Generate Code to Create JSON

Chilkat.JsonObject jsonBody = new Chilkat.JsonObject();
jsonBody.UpdateString("clientReferenceInformation.code","TC50171_3");
jsonBody.UpdateString("paymentInformation.card.number","4111111111111111");
jsonBody.UpdateString("paymentInformation.card.expirationMonth","12");
jsonBody.UpdateString("paymentInformation.card.expirationYear","2031");
jsonBody.UpdateString("orderInformation.amountDetails.totalAmount","102.21");
jsonBody.UpdateString("orderInformation.amountDetails.currency","USD");
jsonBody.UpdateString("orderInformation.billTo.firstName","John");
jsonBody.UpdateString("orderInformation.billTo.lastName","Doe");
jsonBody.UpdateString("orderInformation.billTo.address1","1 Market St");
jsonBody.UpdateString("orderInformation.billTo.locality","san francisco");
jsonBody.UpdateString("orderInformation.billTo.administrativeArea","CA");
jsonBody.UpdateString("orderInformation.billTo.postalCode","94105");
jsonBody.UpdateString("orderInformation.billTo.country","US");
jsonBody.UpdateString("orderInformation.billTo.email","test@cybs.com");
jsonBody.UpdateString("orderInformation.billTo.phoneNumber","4158880000");

Chilkat.Http http = new Chilkat.Http();

// Setting the AuthSignature property causes the following header to be computed and added:
// Authorization: Signature keyId="...", algorithm="hmac-sha256", headers="(request-target) host date", signature="..."
http.AuthSignature = json.Emit();

http.SetRequestHeader("v-c-merchant-id","your-merchant-id");

// Calculate the digest of the body..
Chilkat.StringBuilder sbBody = new Chilkat.StringBuilder();
jsonBody.EmitCompact = false;
sbBody.Append(jsonBody.Emit());
sbBody.ToLF();
http.SetRequestHeader("digest",sbBody.GetHash("sha256","base64","utf-8"));

Chilkat.CkDateTime dtNow = new Chilkat.CkDateTime();
dtNow.SetFromCurrentSystemTime();

// Add a v-c-date header such as Fri, 19 May 2023 14:32:51 GMT
http.SetRequestHeader("v-c-date",dtNow.GetAsRfc822(false));

// This is needed for the CyberSource HTTP Signature -- internally, the shared secret needs to be decoded from base64 and not taken literally as a string.
http.UncommonOptions = "DecodeHmacKeyBytes";

string jsonStr = sbBody.GetAsString();
Chilkat.HttpResponse resp = new Chilkat.HttpResponse();
success = http.HttpStr("POST","https://apitest.cybersource.com/pts/v2/payments",jsonStr,"utf-8","application/json",resp);
if (success == false) {
    Debug.WriteLine(http.LastErrorText);
    return;
}

Debug.WriteLine(resp.BodyStr);
Debug.WriteLine("----");
// A 201 status code indicates success.
Debug.WriteLine("Status code = " + Convert.ToString(http.LastStatus));