Configuration Best Practices
Complete guide for Configuration Best Practices
Security Guidelines
- Use test keys during development
- Switch to live keys only after thorough testing
- Never commit API keys to version control
- Rotate keys regularly for security
- Use environment variables for production
- Always verify webhook signatures
- Use HTTPS endpoints only
- Implement webhook retry logic
- Monitor webhook delivery status
- Set up webhook failure alerts
Testing Procedures
- Enable Sandbox/Test Mode in Schedula
- Use test API keys from payment gateway
- Make test transactions with test cards
- Verify webhook notifications
- Test both successful and failed payments
- Success: 4242424242424242
- Decline: 4000000000000002
- 3D Secure: 4000002500003155
- Success: 4111111111111111
- Decline: 4000000000000002
- UPI: Use any valid UPI ID
Production Deployment
- [ ] Switch to live API keys
- [ ] Disable test mode
- [ ] Verify webhook endpoints
- [ ] Test with real payment methods
- [ ] Configure monitoring and alerts
- [ ] Set up error logging
- [ ] Test refund and dispute handling
- Monitor payment success rates
- Track webhook delivery status
- Set up alerts for failed payments
- Monitor API response times
- Track transaction volumes
Troubleshooting
- Verify API keys are correct
- Check if test mode is enabled/disabled appropriately
- Ensure currency matches your account settings
- Verify card details are correct
- Check webhook URL is accessible
- Verify webhook secret is correct
- Ensure HTTPS is used for production
- Check webhook event selection
- Verify API keys are valid
- Check internet connectivity
- Ensure firewall allows API calls
- Verify account is active and verified
×
![]()