Environnement de bac à sable
L'environnement de sandbox Cardflo permet aux développeurs d'intégrer et de tester des solutions de paiement sans affecter les transactions réelles.
Cet espace isolé reproduit notre environnement de production, permettant un test approfondi de toutes les fonctionnalités de Cardflo, du traitement des paiements aux webhooks et aux interactions API, garantissant une transition en douceur vers les opérations en direct.
- Catégorie
- Développeur
- Capacités
- 10
- Disponible sur
- Tous les plans
L'aperçu
A sandbox environment acts as a non-production instance of a payment gateway or orchestration platform, allowing developers to model the entire transaction lifecycle without moving real funds. It operates as a replica of the live API, including components for authorisation, capture, and settlement.
Within this isolated container, technical teams can verify their integration logic, request structures, and authentication headers against strict validation rules.
By using test credentials and simulated Card Identification Numbers (BINs), merchants can evaluate how their backend reacts to various responses, such as successful payments, soft declines, or 3DS authentication prompts.
The sandbox sits between the merchant application and the simulated acquirer, providing a safe space to ensure that the code handles edge cases, such as insufficient funds or expired cards,
before moving to a live production environment where errors could result in loss of revenue or increased chargeback ratios.
Comment ça marche
Credential generation and authentication
Developers obtain a specific set of API keys or Bearer tokens designated for the testing environment. These credentials route requests to a mock processor rather than the live payment schemes.
This ensures that no merchant identification number (MID) is billed for processing fees and no real cardholder data enters the production systems.
Simulated transaction processing
The merchant sends a payment request using predefined test card numbers that trigger specific outcomes. For example, using one BIN might simulate a successful authorisation, while another triggers a CVV mismatch or a hard decline.
The sandbox returns an identical JSON response structure to the live API to ensure compatibility.
Webhook event notification
Once a transaction status changes in the sandbox, the system generates asynchronous webhooks. The merchant server receives these notifications at a designated endpoint to verify that their system correctly updates the internal database.
This step is critical for testing automatic order fulfilment or subscription management logic in real time.
State change and settlement
Users can manually or programmatically transition the state of a transaction from authorised to settled or refunded within the testing dashboard.
This allows for the verification of post-purchase workflows, including the handling of retrieval requests or partial refunds, ensuring the merchant UI reflects the correct financial state.
Pourquoi c'est important
Risk mitigation during deployment
Implementing new payment flows directly in production creates high operational risk. By utilising a sandbox, developers can identify logical errors or malformed API requests that would otherwise lead to failed checkouts.
This isolation protects the integrity of the live Merchant Identification Number and prevents accidental triggers of anti-fraud filters that could occur during aggressive testing of new card-present or card-not-present integration logic.
Validation of complex logic
Modern payments often involve multi-step processes like Strong Customer Authentication (SCA) or recurring billing. A sandbox allows for the rigorous testing of cardholder-initiated and merchant-initiated transactions without the financial cost of real transactions.
It ensures that the system correctly interprets various decline codes and response messages from issuers, allowing for the refinement of dunning logic and retry strategies to optimise eventual conversion rates.
Cas d'usage
Initial API integration
New merchants use the sandbox to map their internal order management systems to the payment gateway's API endpoints. This confirm that data fields like currency codes and merchant category codes are correctly formatted for authorisation.
Recurring billing verification
Subscription-based businesses test their dunning sequences by simulating card expiry or insufficient funds. This ensures that the system correctly attempts retries and sends appropriate notifications to the customer before service suspension.
Webhook endpoint debugging
Developers use the testing environment to verify that their firewall and server configurations allow for incoming webhook notifications. This prevents issues where orders remain 'pending' despite successful authorisation at the acquirer level.
Alternative payment method testing
Before enabling local payment methods, merchants can simulate the redirect flows required for APMs. This ensures that the user experience remains consistent when the customer is sent to a third-party wallet or bank portal.
En chiffres
Typical efficiency gains observed by technical teams when using a comprehensive sandbox compared to manual documentation review and direct production testing.
Estimated range of reduction in post-deployment bugs related to payment logic when rigorous sandbox testing is implemented as part of the CI/CD pipeline.
Industry standard response time for mock API endpoints, allowing for rapid iteration during the software development lifecycle.
Termes associés
Talk to our team about a live rollout on your acquiring stack.
What you get with Environnement de bac à sable
- Simuler le cycle de vie complet des paiements, y compris les approbations et les refus
- Tester l'intégration avec l'API et les SDK de Cardflo
- Expérimenter différentes méthodes de paiement et configurations
- Valider les notifications et les réponses des webhooks
- Développer et déboguer des flux de paiement personnalisés en toute sécurité
- Accéder à des données de test complètes pour différents scénarios
- Configure multiple merchant profiles to test currency conversion and domestic versus international processing.
- Audit the logging of transaction IDs, ARNs, and timestamps for internal financial reconciliation.
- Model the behaviour of partial captures and multiple refunds on a single transaction.
- Examine the impact of merchant category codes on simulated authorisation rates and fee structures.
A short scoping call, then a written plan for your MIDs.
Questions about Environnement de bac à sable
Quel est le but de l'environnement de sandbox Cardflo ?
Le sandbox fournit un espace sûr et isolé pour les développeurs afin d'intégrer et de tester la plateforme d'orchestration des paiements de Cardflo.
Il permet un test complet de toutes les fonctionnalités sans affecter les comptes marchands réels ou les transactions clients, garantissant une intégration robuste.
L'environnement de sandbox prend-il en charge toutes les fonctionnalités de Cardflo ?
Oui, l'environnement de sandbox Cardflo est conçu pour reproduire l'environnement de production aussi fidèlement que possible.
Les développeurs peuvent tester le traitement de paiement de base, la logique de routage intelligent, les mécanismes de récupération des échecs et les interactions API, garantissant une parité de fonctionnalités complète pour le développement de l'intégration.
Comment puis-je accéder à la sandbox Cardflo ?
L'accès à la sandbox Cardflo est fourni lors de la création du compte. Les développeurs reçoivent les identifiants et la documentation nécessaires pour commencer à tester immédiatement.
Des guides complets sont disponibles pour aider à la configuration initiale et à divers scénarios de test, facilitant un développement efficace.
Is stored cardholder data in the sandbox subject to PCI-DSS compliance?
While the sandbox should not contain real cardholder data, the security of the API keys and the simulated data remains important. Most sandbox environments use pseudo-data that resembles real PANs but fails Luhn algorithm checks or belongs to unassigned ranges.
However, developers should maintain good security practices and never use real customer data within a testing environment to avoid potential data leakage risks.
Will my webhook endpoints receive the same payload as the production environment?
The JSON or XML payload delivered to your webhook URL in the sandbox should mirror the production schema exactly. This includes the same fields for transaction ID, amount, currency, and status codes.
Testing this ensures that your backend parser is correctly configured to handle the live data stream without needing to make code changes during the transition to production.
Can I test the settlement and reconciliation process in the sandbox?
You can simulate the transitions that lead to settlement, such as moving a transaction from 'authorised' to 'captured'. Some sandboxes allow you to generate mock reports that resemble the settlement files provided by acquirers.
This helps in building automated reconciliation tools that match internal order IDs with the transaction references provided by the payment service provider.
Prêt à accélérer ?
Parlez-nous de votre activité. Nous vous mettrons en relation avec les bons partenaires acquéreurs et la bonne route, généralement en moins d'une semaine.
