What is the difference between HTTP GET and HTTP POST?
GET is the HTTP method used when requesting a resource -- for example, when loading a web page or its elements.
The only way to send data with GET is by adding parameters to the URL. Usually, that means adding a question mark ("?") to the URL, followed by a set of names and values, separated by ampersands ("&"). For example:
When using Secure HTTP (HTTPS), it is important to note that any parameters in the URL will not be encrypted in server logs or browser caches, which in turn may or may not be adequately secured.
The POST method, in contrast, is specifically used to submit data to servers. The data is stored in the body of the HTTP request, rather than in the URL. Therefore, when used with HTTPS, the HTTP body and its sensitive data are fully encrypted.
We strongly recommend using HTTP POST for your API calls to https://secure.authorize.net/gateway/transact.dll or to https://secure2.authorize.net/gateway/transact.dll. HTTP GET will soon be disabled in the near future as an option for these URLs.
You can use the Data Validation Tool to help determine if your solution is using GET or POST. When submitting a request to the Data Validation Tool, the REQUEST_METHOD header will indicate whether the request was submitted using GET or POST.
Please consult with your web developer if you have questions about which method your solution uses, and for assistance in switching to HTTP POST.