Sandbox: source_id of type CNON is not supported for client

I’m following the Web Payments SDK Quickstart guide and card-payment.html in particular. I must be missing something obvious, but I don’t know what it is.

I’ve put my access token into .env.sandbox and included my appId and locationId in the example html.

Any time I enter a test credit card number (Sandbox Payments) I get the error ‘source_id of type CNON is not supported for client’.

I see the requests (and failures) in the Developer API logs. Using the API explorer, I tried submitting the source id created by the web client and get the same error.

Using the API explorer, ‘cnon:card-nonce-ok’ also fails. However ‘ccof:customer-card-id-ok’ succeeds.

How do I test credit cards like the guide shows?

:wave: I’m Square Dev AI, here to help answer your question!
Based on the information you’ve provided, the following documentation will help answer your question:

Additional Documentation

In-App Payments SDK Quickstart
In-App Payments SDK Quickstart
Test in the Sandbox

If this documentation helped you find a solution, please check the box indicating that this reply solves the problem.
Otherwise one of our Developer Advocates will provide additional assistance shortly.

What value are you passing in on the CreatePayment request? Does it look like cnon:CBASEF667Xdo69NiVEeuHo_Hj3Q. :slightly_smiling_face:

Yes. They all look like that. It’s what the web payments sdk creates which tracing the example code back comes from paymentMethod.tokenize().

Oh, I think I just found it. Your docs say to use any zip code. However it needs to match the postal code in verificationDetails. It seems like the docs need to be updated to reflect that. I had previously tried removing the verfiedBuyer part like in the docs, but that also failed.

Ah, that is confusing. You can use any zip code but you do have to use the same one that you used when calling verifyBuyer. We’re constantly working to improve our features based on feedback like this, so I’ll be sure to share your request to the API product team. :slightly_smiling_face: