Merchant Vendors

ActionKit integrates with Braintree,, Payflow Pro, and PayPal for credit card processing.

If you are setting up a new account, we recommend Braintree. They are the only vendor who will provide the credit card information so you can take recurring profiles with you to a different vendor. They are also the only vendor who accepts ACH Direct Debit payments, and you can set your account to automatically update credit card expirations where possible. Finally, Braintree can often accept recurring profiles from another vendor if your old vendor is able to transfer encrypted credit card information to Braintree.

You can accept one-time and recurring donations with all of these vendors. Monthly is the recurring default. You can edit your templateset to accept weekly, quarterly or yearly donations if your payment processor supports it. Payflow Pro and support weekly donations. Braintree supports quarterly and yearly recurring donations. ACH Direct Debit supports the same options that credit card orders on Braintree do.

You can read a description of how donations are processed and recorded for each vendor, under Donation Processing and Data capture.

Vendors also deal with CVV differently. You may be able to configure your account with your merchant vendor to always or never require this, but you'll need to check with your vendor to confirm. If you've changed your settings so this isn't required by your merchant vendor, you can edit the template for your Donation Pages to not require CVV, since ActionKit does not require it. However, if you remove it from your ActionKit form without changing your settings with your merchant vendor, donations will fail.

Finally, if you are transferring from another system but keeping the same merchant vendor, you can import recurring donation profiles into ActionKit. The historical information provided varies by vendor. does not provide any history but payments that come in after the profile is transferred to ActionKit will be recorded. Historical payments will transfer for Braintree and Payflow Pro.

Following is the information we need to hook up a new account for each vendor and settings we encourage you to use.


We need the following pieces of information for each Braintree account:

  • merchant id,
  • merchant account id (if you have multiple accounts, like for a (c)(3) and (c)(4))
  • public key,
  • private key,

If you plan on receiving recurring donations, you need to add one or more new subscription plans. Log in to your Braintree admin console. Navigate to Plans and click on New. For monthly, set the plan id to 1 and the price to 0.00. For annual, choose a plan ID such as "annual" or "12", enter a name and description, set the price to $0, and the billing cycle to 12 months. If you want to offer quarterly donations, repeat that process, choosing a different plan ID and a 3-month billing cycle. All other options can be left as default (no trial period, bill immediately, end date never).

Then file a ticket through the Support Tab. Tell us which Braintree accounts you're using, the plan IDs for the recurring plans and the names you'd like to use. We'll update your site configuration with this information.

If you plan to accept ACH Direct Debit payments, you will need to ask Braintree to add you to their ACH beta program. You will also need to set up the Braintree webhook for ACH transaction settlements as described here. Then send us a support request asking us to enable ACH for your Braintree account.

Recurring Retry

Each vendor deals with failed recurring donation payments differently. They all retry the charge multiple times on a different schedule as described here.

Braintree will accrue the missed payments and charge for all of them when the card is again accepted. This can lead to a nasty surprise for some of your most valuable donors if their payments fail for a few months and then succeed (for a total that includes the missed months). To avoid billing recurring donors for several months of missed payments at one time, use our custom retry system.

Note that this only applies to recurring credit card donations with Braintree. Recurring donations using ACH Direct Debit are handled by ActionKit directly, and failed payments are never retried. See the ACH Direct Debit Guide for more information.

Additional Information Supported

You can also include some additional information with requests to Braintree -- please note that some set up is required first in the Braintree gateway for several of these.

  • Email: This will be transferred automatically.
  • IP address: There's an instance-wide configuration option. Under Donations Send IP Address is set to False by default. NOTE: You must create the 'customer_ip' custom field in the Braintree gateway prior to enabling the option or ALL donations will fail.
  • Custom fields: Inputs on braintree donation pages prefixed with 'braintree' will be submitted as custom fields. Again, the donation will error and fail if a custom field is submitted that has not first been created in the gateway.
  • Device data: We've made changes to allow you to take advantage of Braintree's new fraud protection tools, beyond MaxMind. Most groups will not need this, but if you are encountering problems with fraud that you aren't able to reduce using MaxMind, this might be of use to you. You'll need to make some changes to your account settings so if you're interested in finding out more let us know.

For all of the above, because of how donations and recurring donations are structured, the data is attached to the transaction for a one-time donation, but to the customer for a recurring donation.

3D Secure 2.0

We now offer support for 3D Secure 2.0 to verify credit card owners who are making a donation on your Braintree donation pages.

To enable this option, create a custom page field called use_3d_secure. Add it to your Braintree donation page and set the value to 1.

Template changes to donate, recurring_update, and recurring_info pages. Please consult the template diffs to ensure your template has the correct code.

We can also configure your instance to require 3D Secure for all pages on a Braintree account. Please contact ActionKit support to do this. (Testing first is a must!)

Note that recurring updates will not use 3D Secure unless the account is configured to use it.

To add an merchant account, we need the API login ID and transaction key.

If you don't already have this info saved somewhere, you'll need to request new API keys from The old keys will expire in 24 to 48 hours. Coordinate with us through the support form on the timing so your old key isn't disabled too early.

You must set a Silent Post URL to post to ActionKit. If you don't do this, no recurring donation payments will show in ActionKit. The place to set it is in the management system, under Account -> Settings -> Silent Post URL. The URL should be:

Where YOUR_SSL_HOST is the hostname you're using to host your donation pages. This may be a domain or your own domain if you have an SSL certificate.


As of March 2019, ActionKit is transitioning clients using to their accept.js processing system. Accept.js allows ActionKit to process donations without directly handling credit card details, which is much more secure. We will deprecate the old interface to and all donation pages will be required to use Accept.js.

You can find more details about Accept.js here:

How It Works

When processing a transaction using Accept.js, credit card details are sent directly to from the end-user's browser. replies with a token which is then passed to ActionKit when the form is submitted. ActionKit uses this token to process the transaction.

Getting a Public Key

To get started with Accept.js you will need to send your Public Client Key to ActionKit support. To generate the Client Key, log in to the Merchant Interface as an Administrator and navigate to Account > Settings > Security Settings > General Security Settings > Manage Public Client Key. If the Public Client Key does not yet exist, answer your security question to generate the key.

If you have more than one account you will need to do this for each account.

Updating Your Donation Templates

The Original templateset has been updated to support Accept.js, so if you create new templates based on Original they will have Accept.js support. If you want to add Accept.js support to an existing templateset you will need to make some changes. The changes are all in donate.html and recurring_update.html.

You will need to add some initialization Javascript to each page. This is the code you will need to add to donate.html:

{% if pp.use_accept %}
<script src="/resources/ak_authnet_accept.js"></script>
{% authnet_js_libs %}
$(function() {
    var form = document.querySelector("#act"),
    options = {
            form: form,
            submit: form.querySelector(".ak-submit-button")
    actionkit.authnet.initClient('{{ pp.login }}', '{{ pp.public_key }}', options);
{% endif %}

This code should be added just below this line:

{% with page.payment_processor_information as pp %}

If you have trouble finding the right place to add this block, open a ticket with ActionKit support and we can assist you.

For recurring_update.html the code is slightly different:

{% if profile.payment_processor_information.use_accept %}
{% once %}
<script src="/resources/ak_authnet_accept.js"></script>
{% authnet_js_libs %}
$(function() {
    var form = $("#change_profile_{{ }}").get(0);
    options = {
            form: form,
            submit: $("#change_profile_{{ }} .ak-change-submit button").get(0),
    actionkit.authnet.initClient('{{ profile.payment_processor_information.login }}', '{{ profile.payment_processor_information.public_key }}', options);
{% endonce %}
{% endif %}

Place that in the loop that starts:

{% for profile in active %}

You may need to adjust the code in these blocks if you have a different CSS scheme for identifying the submit button.


After you update your template it is critical that you test it and make sure it is working. It is a good idea to create a copy of your main template set and make the changes there, so you can test it with a non-public donation page.

Additional Settings

We strongly recommend enabling the Transaction Details API in By default, when processes a recurring donation, they attempt to send that data to ActionKit once and only once. Sometimes the attempt fails and ActionKit never gets a record of the payment. If you enable the API, we’ll also run a nightly server-to-server sync to pick up any missing transactions from the preceding 30 days.

Read how here:

Payflow Pro

We will need the following to hook up a Payflow Pro account:

  • Partner
  • Merchant Login
  • User
  • Password

You should receive a welcome message after making your account that will have this information.


Payflow Pro itself doesn't provide a PCI compliant service, but ActionKit has an integration with VeryGoodSecurity (VGS) to that makes PCI compliant Payflow Pro donations possible.

Support for VGS was added to the built-in Original templateset in August 2021, and use of the VGS proxy is now required for Payflow Pro accounts in ActionKit.

If you've customized your donate.html templates, changes may be necessary before VGS will work on your donation pages. Reach out to ActionKit support for pointers on how to add VGS to your templates.


To use PayPal for credit card processing, you follow the steps outlined under enabling Paypal on a donation page.


Once your account is set up, you'll be able to select it under payment account when you create a donation page.

Be sure to test that your account is set up correctly by making a donation. You can reverse this from your individual user record afterward. It's a good idea to set up a recurring donation as well if it's a new account.

The only way to test your account is by making a real donation -- the test set up offered by some merchant vendors is not the equivalent as it often isn't the same code path as that used by the live donation processing.