Begin by activating the payment gateway under Setup > Payments > Payment Gateways and choose 2CheckOut from the Available Gateways dropdown.
Once activated, you can then enter the configuration details explained below. By default clients can chose between one-time and subscriptions payments and enter their own billing details on the 2Checkout site, the following options allow this behaviour to be changed.
To setup the callback process for 2CheckOut to automatically mark invoices paid, you will need to login to your 2CheckOut account and click the Notifications tab:
- First click Enable All Notifications
- In the Global URL field, enter the url http://www.yourdomain.com/whmcs/modules/gateways/callback/tco.php . Replacing http://www.yourdomain.com/whmcs/ with the actual URL of your WHMCS installation.
- Click Apply
In order to return clients back to your WHMCS installation after a successful payment you can configure Direct Return within the 2CO control panel:
- Navigate to Account tab > Site Management
- Under the Direct Return heading, select the Direct Return option
- In the Approved URL field set the URL to http://www.yourdomain.com/whmcs/modules/gateways/callback/2checkout.php . Replacing http://www.yourdomain.com/whmcs/ with the actual URL of your WHMCS installation.
For added security, you can set a "Secret Word" inside your 2CheckOut account @ Account > Site Management. If set, this is then used to validate callbacks are authentic and it is therefore recommended that you do this. If you choose to enable it, then you must also enter the exact same word that you set inside the 2CheckOut control panel into the WHMCS Secret Word field in Setup > Payments > Payment Gateways
If you wish to be able to use the recurring billing and/or automatic refunds functionality within WHMCS, then you must setup a 2CheckOut API user and enter the details in these fields.
To setup an API user, you will need to login to your 2CheckOut account and go to Account > User Management
- Click Create Username
- Enter an email address, username & password, security question & answer.
- Select the permissions for the user. You just need to select API Access & API Updating for the permissions.
- Enter the same username & password that you just created into the appropriate API username and API password fields inside WHMCS.
When ticked clients will only be able to make one-time payments (subscriptions disabled). For recurring services they will be required to login and pay each invoice.
When enabled clients will only be able to make recurring payments when applicable (one-time payments disabled). This means future payments will be sent automatically without the need for manual intervention.
When unticked the standard spurchase routine will be used. Tick this option to use the more modern purchase checkout process which includes the option for clients to pay via PayPal.
Skip 2CO Fraud Check
Ticking this option will prevent 2Checkout from performing their fraud checks on payments. It can result in faster processing of payments, but may potentially increase your exposure to fraudulent orders and charge-backs.
Should a payment that has been recorded in WHMCS later be determined to be fraudulent, manual action would be required to reverse the payment recorded in WHMCS and suspend any services as appropriate.
In order to use demo mode, the "Demo Setting" in your 2CheckOut account should be set to "Parameter" under Account > Site Management. Demo mode can then be enabled by ticking the checkbox in WHMCS under Setup > Payments > Payment Gateways.
Please note that when using demo mode, all callbacks from 2CheckOut will fail with the error MD5 Hash Failure if a secret word is specified. This is done intentionally by 2Checkout to protect those who sell digital goods from fraudulent purchases through their demo mode.
In Demo Mode, valid credit card data must be submitted in order to properly perform the request. Credit cards will not be charged during this process.
MD5 Hash Failure
An MD5 Hash Failure error under Billing > Gateway Log indicates that the Secret Word in Setup > Payments > Payment Gateways does not match the Secret Word in the 2CheckOut control panel. Double check your entry is exactly right, and check for any invisible trailing spaces if so.
This error in the Gateway Log indicates that either the secret word, API username, or API password are incorrect. These may be reconfigured at Setup > Payments > Payment Gateways. For further information on this configuration see above.