Error 13: The merchant login ID or password is invalid or the account is inactive.
11/08/2023 20:09 PM
Response Reason Code: 13
Response Reason Text: The merchant Login ID is invalid or the account is inactive.
This error suggests that you might be posting an incorrect API Login ID in your script, connecting to a server that doesn't recognize your account, using an inactive account, or not including a valid Transaction Key or hash fingerprint with your transaction request. For security reasons, we recommend always submitting a Transaction Key or fingerprint hash.
API Login ID:
If you are posting your transaction requests to the gateway URLs https://test.authorize.net/gateway/transact.dll and you are using an account given to you by an Authorize.net Reseller or from Authorize.net Sales, you may encounter this error. These gateway URLs work only with specific test accounts, available upon request by completing the form at https://developer.authorize.net/hello_world/sandbox/
Check your script to verify that you are posting the API Login ID for the account in question. If you are not posting the correct API Login ID, or if you are not sending an API Login ID, please edit the script and ensure that the field name is set to the API Login ID. This can be obtained from the Authorize.net Merchant Interface. See the support article: How do I obtain my API Login ID and Transaction Key? for instructions on obtaining the API Login ID.
If the account is active and the API Login ID is correct, use the Data Validation Tool to validate the fields you are passing to us.
Transaction Key and Fingerprint Hash:
If you are using SIM, ensure that you are using a valid Transaction Key to generate and send a fingerprint hash along with your transaction request. The fingerprint hash should be submitted using the field x_fp_hash.
If you are using SIM and submit a request for a Credit, Void, or Prior Authorization Capture (x_type = CREDIT, VOID or PRIOR_AUTH_CAPTURE) you may encounter this error. For security reasons these transaction types must be processed by logging into the Merchant Interface directly, or by using a desktop application that uses AIM.
If you are using AIM, make sure you are sending a valid Transaction Key along with your transaction request. The Transaction Key should be submitted using the field x_tran_key.
If you are using an older Authorize.net account and you submit a password instead of a Transaction Key, you may experience this error. Ensure that you are submitting your Transaction Key instead.
If you are using a third-party shopping cart and receiving this error, check with your shopping cart provider to confirm that your application can send the Transaction Key to Authorize.net. Most up-to-date shopping carts should be able to store and use a Transaction Key.
Some shopping carts, for backward compatibility with older connection methods, may provide the means to submit both a Transaction Key and a password. Do not use both the Transaction Key and the password simultaneously; doing so may result in this error. We strongly recommend leaving the password field blank.
If the shopping cart has a field for a password but no field for the Transaction Key, put the Transaction Key in the password field. Our system will recognize and validate the Transaction Key properly.
While most shopping cart software will have a field for the Transaction Key, password, or both, some software may not. Contact your shopping cart provider for details on how to upgrade to a more secure version of your shopping cart software.
Was this article helpful?