See below for how to correctly populate the “cardReference” field into omnipay. It needs to be a valid JSON string. Preferably you should use json_encode, however I’ve copied it out as a full string for clarity.
$request = $this->gateway->purchase(
[
'amount' => $params['amount'],
'currency' => 'USD',
'cardReference' => '{"customerProfileId": '.$profileId.', "customerPaymentProfileId": '.$paymentProfileId.'}',
'transactionId' => $params['transactionId'],
'description' => $params['description']
]
);
$response = $request->send();
$data = $response->getData();
This is used in the popular Omnipay PHP library to integrate Authorize.net CIM profile management.
Read more in the official docs: https://developer.authorize.net/api/reference/index.html#payment-transactions-charge-a-customer-profile