To start testing APIs in the stage environment, you need an Online Banking account and a developer app with the necessary certificate attached. Our support team will create the Online Banking account and add the certificate to your developer app. Simply send us an email to [email protected] with your request.
Email template:
Hello,
Please create an Online Banking account and attach the certificate provided to my dev app.
Details:
Company Name:
Developer Name:
Developer Email:
Developer Phone NO:
Dev app Client ID:
The certificate file is attached to the email.
Terms and requirements
Company Name – a name that will be used to create a customer in our Online banking system.
Developer Name – a name used to create a user in our Online banking system.
Developer Email – the email that will be used when creating a user and will be used to log into ConnectPay Online Banking
Developer Phone NO – the phone number will be used to receive OTPs when confirming login into ConnectPay Online Banking.
Dev app Client ID – the client ID should be taken from the developer app you created in the developer portal. It will be used to attach the certificate to your dev app.
Please note: certificate is not required for Merchant Gateway (Accept payments) integration. More details: Basic authorization and brand information – ConnectPay
Certificate requirements and recommendations
- Proper Order: Start with the leaf certificate and end with the root certificate.
- Root Included: Ensure the root certificate is included.
- Proper Format: Certificates must be in X509 ASCII Base64 format.
- CA Issued: Use certificates from reputable CAs like Comodo, DigiCert, or BuyPass. Self-signed and Let’s Encrypt certificates are not accepted.
- Let’s encrypt certificates will not be accepted as they are issued only for 3 months, and frequent rotations add extra load to your and our DevOps teams and increase the API failure rate — the chance of forgetting to rotate a certificate is four times greater.
- Not shared: we strongly recommend not using the same certificate for Prod and Stage. However, please refer to your Company’s security policies. Separation is not a mandatory requirement by ConnectPay.
- DV: If you are ordering a new certificate and do not have any specific requirements, we recommend domain-validated (DV) certificates, as they are the quickest and easiest to obtain.
- SSL QWAC for PSD2: To access PSD2 Open Banking APIs, you, as TPP, must use extended eIDAS PSD2 certificate with proper PSD2 TPP roles.