hps / heartland-nodejs

Heartland's node.js SDK for connecting to our Portico Payment Gateway.
GNU General Public License v2.0
10 stars 12 forks source link

Heartland logo

Heartland NodeJS SDK

This SDK makes it easy to integrate your NodeJS application with Heartland's Portico Gateway API. Supported features include:

Supported Gateway Calls:

Data Security API Reference Testing &
Certification
API Keys Links
Register an Account
Partner with Heartland

Developer Support

You are not alone! If you have any questions while you are working through your development process, please feel free to reach out to our team for assistance!

Requirements

Installation

The SDK can be installed using npm. To install simply enter:

npm install heartland-nodejs

API Keys

Integrations that use card not present transactions, such as eCommerce web applications, will use API keys to authenticate. There are exceptions, such as card present POS integrations. For these projects please contact us for more information.

To begin creating test transactions you will need to obtain a set of public and private keys. These are easily obtained by creating an account on our developer portal. Your keys are located under your profile information.

Developer Keys

You will use your public key when implementing card tokenization and your private key will be used when communicating with our Portico Gateway. More details can be found in our documentation.

Note: Multi-Use tokenization is not enabled by default when creating an account. You can contact Heartland's Specialty Products Team to have this enabled. This is also true if you wish to use Gift & Loyalty, ACH, and Debit.

Data Security

If your app stores, processes, or transmits cardholder data in cleartext then it is in-scope for PA-DSS. If your app is hosted, or the data in question otherwise comes into your organization, then the app and your entire company are in-scope for PCI DSS (either as a merchant or a service provider). Heartland offers a suite of solutions to help keep integrators' applications and/or environments shielded from cardholder data, whether it motion or at rest.

To summarize, when you create a paymentMethod using this SDK you have the following options for securely avoiding interaction with sensitive cardholder data:

Documentation and Examples

You can find the latest SDK documentation along with code examples on our Developer Portal. In addition the included test suite can be a great source of code samples for using the SDK!

var heartland = require('heartland-nodejs'),
    config = {
                secretApiKey:   'skapi_cert_MTyMAQBiHVEAewvIzXVFcmUd2UcyBge_eCpaASUp0A',
                publicApiKey:   'pkapi_cert_jKc1FtuyAydZhZfbB3',
                versionNumber:  '1234',
                developerId:    '123456',
                siteTrace:      'trace0001'
            },
    uri = 'https://cert.api2.heartlandportico.com/Hps.Exchange.PosGateway/PosGatewayService.asmx',
    hpsCreditService = new heartland.HpsCreditService(config, uri),
    porticoReport = new heartland.PorticoReport(config, uri);

// Charging a credit card via the SecureSubmit API...
hpsCreditService.chargeWithCard(amount, currency, card, cardHolder, requestMultiUseToken, memo, callback);

// Access the ReportTxnDetail endpoing directly...
porticoReport.reportTxnDetail(transactionId, callback);

Testing & Certification

Testing your implementation in our Certification/Sandbox environment helps to identify and squash bugs before you begin processing transactions in the production environment. While you are encouraged to run as many test transactions as you can, Heartland provides a specific series of tests that you are required to complete before receiving Certification. Please contact Heartland to initiate certification for your integration. For eComm integrations please email our Specialty Products Team, for POS developers please email Integrations.

Quick Tip: You can get a head start on your certification by reviewing the certification tests in the included test suite.

Test Card Data

The following card numbers are used by our Certification environment to verify that your tests worked. Note that while variations (such as 4111111111111111) will work for general testing the cards listed below are required to complete certification. For card present testing Heartland can provide you with EMV enabled test cards.

Name Number Exp Month Exp Year CVV Address Zip
Visa 40120020 00060016 12 2025 123 6860 Dallas Pkwy 750241234
MasterCard 547350000 0000014 12 2025 123 6860 Dallas Pkwy 75024
Discover 6011000 990156527 12 2025 123 6860 750241234
Amex 372700 699251018 12 2025 1234 6860 75024
JCB 3566 0077 7000 7321 12 2025 123 6860 75024

Testing Exceptions

During your integration you will want to test for specific issuer responses such as 'Card Declined'. Because our sandbox does not actually reach out to card brands for authorizations we have devised specific transaction amounts that will trigger issuer response codes and gateway response codes. Please contact Heartland for a complete listing of values you can charge to simulate AVS, CVV and Transaction declines, errors, and other responses that you can catch in your code:

    chargeVisa: function (done) {
        this.hpsCreditService.chargeWithCard(17.01, 'usd', config.get('validVisa'),
            config.get('certCardHolderShortZip'), false, null, function (err, result) {
                assert.equal(result.responseCode, '00', 'The response code should be "00".');
                done();
            });

More exceptions can be found here.

Contributing

All our code is open sourced and we encourage fellow developers to contribute and help improve it!

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Ensure SDK tests are passing
  4. Commit your changes (git commit -am 'Add some feature')
  5. Push to the branch (git push origin my-new-feature)
  6. Create new Pull Request

Included Test Suite

The included test suite can help ensure your contribution doesn't cause unexpected errors and is a terrific resource of working examples that you can reference. As mentioned earlier, the certification folder contains tests that mirror the types of requirements you will encounter when you certify your integration for production.