Update your Authorize.Net Direct Post's Signature Key from MD5 to SHA-512


Connect, Educate, Learn, Collaborate...


Update your Authorize.Net Direct Post’s Signature Key from MD5 to SHA-512

The Authorize.Net Direct Post payment method implementation in Magento is currently carried out using MD5 based hash. However, Authorize.net is soon ceasing the support for MD5 based hash usage. As a result, Magento merchants will not be able to process payments through Authorize.Net Direct Post. To cope with this, Merchants need to implement the patch provided by Magento while replacing the existing MD5 hash with SHA-512, a Signature Key in Magento Admin configuration settings.

The versions that would be affected by this include:

  • Magento Commerce 1.X.X
  • Magento Commerce 2.X.X
  • Magento Commerce (Cloud) 2.X.X
  • Magento Open Source 1.X.X
  • Magento Open Source 2.X.X
  • Authorize.Net Direct Post

To continue using Authorize.Net Direct Post payment method, you need to take these three general steps:


You may require a Magento developer’s assistance to apply the patch. Download and install packages for the Magento edition and version on which your eCommerce store is running. The download patches are also available for the ones who installed with Composer.

How to download and install the patch

  • Go to My Account.
  • Select the Magento edition and version in the Downloads tab
  • Select Support Patches, Security Patches, and Authorize.net Direct Post Signature Key patch for Magento Commerce 1.X and Magento Open Source 1.X
  • There are two patches available for Magento Commerce 2.X and Magento Open Source 2.X. One for Magento 2.0.X and 2.1.X, and another for Magento 2.2.X and 2.3.X.
  • Download and install the patch for your Magento version.


You will need a new Signature Key and get it added to your Magento Admin configuration.

  • Log into Authorize.net’s Merchant Interface
  • Click Account in the toolbar.
  • Click Settings in the left-side’s main menu.
  • Click API Credentials & Keys.
  • Select a New Signature Key.
  • To continue, click Submit.
  • Request PIN and enter it for verification.
  • Your new Signature Key will appear. Copy and add it to your Magento Admin configuration.


  • Log into your Magento Admin.
  • Click Stores on the Admin sidebar.
  • Click Configuration under Settings.
  • Click Sales, then Payment Methods in the panel.
  • Expand Authorize.net Direct Post section.
  • Enter the SHA-512 Signature Key in the Signature Key.
  • Save this Configuration

If the Signature Key updates and processing of payment continues to work smoothly, the process is successful. If you come across with any issues, verify the Signature Key through Authorize.Net.

Mike Patel
Mike Patel