Skip to main content

Production go-live checklist

Passing sandbox tests is a great milestone, but it does not mean your production access is ready.

This checklist is relevant for any PayWise API integration. If you are going live with Checkout payments, use the dedicated payments section below.

What changes between sandbox and production?​

AreaSandboxProduction
Dashboardhttps://sandbox-dashboard.paywise.cohttps://dashboard.paywise.co
API base URLhttps://sandbox-api.paywise.cohttps://api.paywise.co
Developer keypwsk_sbx_…pwsk_prod_…
Endpoint accessSandbox Payments is auto-approved (other access may be restricted)Requires PayWise manual approval
MoneyTest money onlyReal money
Docshttps://docs.paywise.cohttps://docs.paywise.co

Key requirements​

  • pw-subscription-key goes in the request header (all API calls).
  • Some products (like Payments Checkout) also require a business api_key in the JSON body.
  • Sandbox keys and sandbox api_key must not be used in production.

Checklist​

  • Validated your integration end-to-end in sandbox (Checkout Builder or your own integration)
  • Created a production developer project in https://dashboard.paywise.co
  • Generated a production pw-subscription-key (pwsk_prod_…)
  • Requested production access for the endpoints you plan to use
  • Received PayWise approval (production)
  • Updated API base URL to https://api.paywise.co
  • Updated any webhook/redirect URLs to production HTTPS URLs
  • Ran a small live test call for your integration
  • Verified success/failure handling and status checks

If you are going live with Checkout payments (POST /payments/request)​

  • Confirmed a live PayWise business account exists for your merchant
  • Obtained a live business api_key
  • Confirmed the live business api_key is active (and approved if applicable)
  • Updated success / error / notify / callback URLs to production HTTPS URLs
  • Sent a small live test payment request
  • Checked status with GET /payments/status

Notify vs callback (production guidance)​

  • notify URL = payment lifecycle notifications
  • callback URL = overall transaction callback/status updates

In production:

  • Use HTTPS URLs.
  • URLs must be publicly reachable (no localhost).
  • Handlers must be idempotent.
  • Log inbound requests (request id / timestamps / response codes) for support.

After you send a live payment request​

Use GET /payments/status with the returned payment_details_id:

GET /payments/status?version=2024-10-01&api_key=<your_api_key>&payment_details_id=<payment_details_id>