To start testing APIs in the stage environment, you need an Online Banking account and a developer app with the necessary certificate attached. Our support team will create the Online Banking account and add the certificate to your developer app. Simply send us an email to [email protected] with your request.
Email template:
Hello,
Please create us an Online Banking account and attach the provided certificate to my dev app.
Details:
Company Name:
Developer Name:
Developer Email:
Developer Phone NO:
Dev app Client ID:
The certificate file is attached to the email.
Terms and requirements
Company Name – a name that will be used to create a customer in our Online banking system.
Developer Name – a name used to create a user in our Online banking system.
Developer Email – the email that will be used when creating a user and will be used to log to ConnectPay Online Banking
Developer Phone NO – the phone number will be used to receive OTPs when confirming login into ConnectPay Online Banking.
Dev app Client ID – the client ID should be taken from the developer app you created in the developer portal. It will be used to attach the certificate to your dev app.
Certificate requirements and recommendations
- Proper Order: Start with the leaf certificate and end with the root certificate.
- Root Included: Ensure the root certificate is included.
- Proper Format: Certificates must be in X509 ASCII Base64 format.
- CA Issued: Use certificates issued by reputable CAs like Comodo, DigiCert, or BuyPass. Self-signed and Let’s Encrypt certificates are not accepted.
- Let’s encrypt certificates will not accepted as they are issued only for 3 months and frequent rotations adds extra load on yours and ours DevOps teams and increases API failure rate – chance to forget rotate certificate is 4 times greater.
- Not shared: we strongly recommend not using the same certificate for Prod and Stage. However, please refer to your Company’s security policies. Separation is not a mandatory requirement by ConnectPay.
- DV: If you are ordering a new certificate and do not have any specific requirements we recommend domain validated (DV) certificates as they are quickest and easiest to get.
- SSL QWAC for PSD2: To access PSD2 Open Banking APIs, you, as TPP, have to use extended eIDAS PSD2 certificate with proper PSD2 TPP roles.