Cybersource Payment Module Documentation

CyberSource Secure Acceptance SOP Environment Setup


  • Users must establish their own account with CyberSource in order to use the BroadleafCommerce CyberSource payment functionality ( Note, this is only a test account - you will need to contact a CyberSource sales representative to set up a real merchant account.
  • Familiarize yourself with the CyberSource Secure Acceptance SOP ( BroadleafCommerce takes care of all the heavy lifting here, but it doesn't hurt to have the documentation that describes the process of how everything works should you need to reference them in the future.
  • You should have Secure Acceptance functionality enabled in your CyberSource Business Center. If you do not see the Secure Acceptance link under the Tools & Settings tab, you will need to contact a CyberSource representative to get that feature enabled.

Initial Setup

Follow the steps defined in the Cybersource documentation on setting up a Secure Acceptance profile. Note that you may need to contact CyberSource customer support to enable Secure Acceptance. (

Once you have established an account with CyberSource and configured your settings in the Business Center so that you have an active account,
begin by including the CyberSource Module dependency to your Broadleaf application's parent pom.xml.


Make sure to include the dependency in your CORE pom.xml as well:


The next step is to make Broadleaf Commerce aware of your CyberSource account credentials.
This is accomplished through environment configuration (see [[Runtime Environment Configuration]]).

Broadleaf allows you to create your own property files per environment (e.g.,,,,,, and
You will need to enter the following key/value pairs in the appropriate locations and replace the "?" with your Cybersource account details:

You can also store these configs in the Database by utilizing the blSystemPropertiesService. See the java docs for more details.

Properties File Config

Production Property Config

Advance Reply Configuration

By default, the system looks at the decision reply field to determine whether or not a transaction is successful.
If instead, you would like to look at specific reason codes to determine its success, you can set the following property:
gateway.cybersource.secureAcceptance.success.reasonCodes. This property accepts a comma separated list of codes. If
this property is not set, it will default to looking at the decision field. If you are still in need of a more complex
rule to determine success, the method can be overriden in com.broadleafcommerce.payment.service.gateway.CybersourcePaymentWebResponseServiceImpl

An example of the reason code system property:

  • gateway.cybersource.secureAcceptance.success.reasonCodes=100,110,230

Now that you have your environment set up, let's begin setting up the [[CyberSource Payment Quick Start]].