Testing & Sandbox

Comprehensive testing guide for Cyrexa H2H integration with test data, scenarios, and sandbox configurations.

Sandbox Environment

  • Base URL: https://gateway.cyrexa.comp/ipg/2.0/
  • Purpose: Safe testing environment with simulated responses
  • Features: Test payment methods, webhook testing, 3DS simulation

Environment Differences: Test vs Production

  • The only difference between environments is the number of enabled H2H payment methods.
  • Endpoints, request/response schemas, and error codes are identical in Test and Production.
  • Production method availability depends on your tenant’s configuration and compliance enablement.

Test Credit Cards

Successful Payments

Card NumberBrandCVVExpiryExpected Result
4111111111111111Visa12312/25Success
5555555555554444Mastercard12312/25Success
378282246310005Amex123412/25Success
6011111111111117Discover12312/25Success

Failed Payments

Card NumberBrandExpected Result
4000000000000002VisaDeclined
4000000000000119VisaProcessing Error
4000000000000127VisaIncorrect CVC
4000000000000069VisaExpired Card

3D Secure Testing

Card Number3DS Outcome
40000000000032203DS Authentication Required
40000000000032383DS Authentication Failed
40000000000032463DS Authentication Unavailable

Test UPI IDs

Successful UPI Payments

UPI IDExpected Result
success@paytmPayment Success
test@googlepayPayment Success
demo@phonepePayment Success

Failed UPI Payments

UPI IDExpected Result
failure@paytmPayment Failed
insufficient@paytmInsufficient Funds
timeout@paytmTransaction Timeout
invalid@paytmInvalid UPI ID

Google Pay Testing

Sandbox Setup

  1. Use Google Pay test environment
  2. Configure test merchant ID
  3. Use test card tokens
// Google Pay test configuration
const testConfig = {
  environment: 'TEST',
  merchantId: '01234567890123456789',
  merchantName: 'Test Merchant'
};

Test Payment Tokens

{
  "protocolVersion": "ECv2",
  "signature": "test_signature_here",
  "signedMessage": "test_signed_message"
}

Apple Pay Testing

Sandbox Configuration

  1. Use Apple Pay sandbox certificates
  2. Configure test merchant identifier
  3. Test with iOS Simulator
// Apple Pay test setup
const applePayConfig = {
  merchantIdentifier: 'merchant.com.example.test',
  displayName: 'Test Store',
  domainName: 'test.example.com'
};

Webhook Testing

Test Webhook Payloads

Successful Payment

{
  "paymentRequestId": "pr_test_123456789",
  "status": "completed",
  "transactionId": "txn_test_987654321",
  "amount": 10.00,
  "currency": "USD",
  "timestamp": "2024-01-15T10:30:00Z",
  "signature": "test_signature_hash"
}

Failed Payment

{
  "paymentRequestId": "pr_test_123456789",
  "status": "failed",
  "errorCode": "CARD_DECLINED",
  "errorMessage": "Card was declined",
  "timestamp": "2024-01-15T10:30:00Z",
  "signature": "test_signature_hash"
}

Webhook Signature Testing

// Test webhook signature verification
const crypto = require('crypto');

function verifyWebhookSignature(payload, signature, secret) {
  const expectedSignature = crypto
    .createHmac('sha512', secret)
    .update(payload)
    .digest('hex');
  
  return signature === expectedSignature;
}

// Test with known values
const testPayload = '{"paymentRequestId":"pr_test_123"}';
const testSecret = 'test_webhook_secret';
const testSignature = crypto
  .createHmac('sha512', testSecret)
  .update(testPayload)
  .digest('hex');

console.log('Signature valid:', verifyWebhookSignature(testPayload, testSignature, testSecret));

Test Scenarios

End-to-End Payment Flow

  1. Create Payment Request 
    curl -X POST https://gateway.cyrexa.comp/ipg/2.0//payments/h2h/1 \
  -H "X-API-Key: sandbox_key" \
  -H "Content-Type: application/json" \
  -d '{"name":"Test User","amount":10.00,"unit":"USD"}'
  2. Simulate Payment Completion
    • Use test card: 4111111111111111
    • Expected webhook: status: "completed"
  3. Verify Payment Status 
    curl -X GET https://gateway.cyrexa.comp/ipg/2.0//payment-requests/status/{id} \
  -H "X-API-Key: sandbox_key"

Error Handling Tests

Invalid API Key

curl -X POST https://gateway.cyrexa.comp/ipg/2.0//payments/h2h/1 \
  -H "X-API-Key: invalid_key" \
  -H "Content-Type: application/json"
# Expected: 401 Unauthorized

Missing Required Fields

curl -X POST https://gateway.cyrexa.comp/ipg/2.0//payments/h2h/1 \
  -H "X-API-Key: sandbox_key" \
  -H "Content-Type: application/json" \
  -d '{"amount":10.00}'
# Expected: 400 Bad Request

Invalid Amount

curl -X POST https://gateway.cyrexa.comp/ipg/2.0//payments/h2h/1 \
  -H "X-API-Key: sandbox_key" \
  -H "Content-Type: application/json" \
  -d '{"name":"Test","amount":-10.00,"unit":"USD"}'
# Expected: 400 Bad Request

Load Testing

Rate Limit Testing

// Test rate limits
async function testRateLimit() {
  const requests = [];
  
  // Send 150 requests (above 100/min limit)
  for (let i = 0; i < 150; i++) {
    requests.push(createTestPayment());
  }
  
  const results = await Promise.allSettled(requests);
  const rateLimited = results.filter(r => 
    r.status === 'rejected' && r.reason.status === 429
  );
  
  console.log(`Rate limited requests: ${rateLimited.length}`);
}

Webhook Testing Tools

ngrok for Local Testing

# Install ngrok
npm install -g ngrok

# Expose local webhook endpoint
ngrok http 3000

# Use the HTTPS URL as your webhook endpoint
# https://abc123.ngrok.io/webhook

Webhook Testing Server

const express = require('express');
const app = express();

app.use(express.json());

app.post('/webhook', (req, res) => {
  console.log('Webhook received:', {
    headers: req.headers,
    body: req.body,
    timestamp: new Date().toISOString()
  });
  
  res.status(200).send('OK');
});

app.listen(3000, () => {
  console.log('Webhook test server running on port 3000');
});

Testing Checklist

Pre-Production Testing

  • API Authentication
    • Valid API key works
    • Invalid API key returns 401
    • Missing API key returns 401
  • Payment Creation
    • Successful payment with valid data
    • Failed payment with invalid card
    • Validation errors for missing fields
  • Webhook Handling
    • Webhook signature verification
    • Handle successful payment webhook
    • Handle failed payment webhook
    • Webhook retry mechanism
  • Payment Status
    • Status check with valid ID
    • Status check with invalid ID
    • Status updates in real-time
  • Error Handling
    • Network timeout handling
    • Rate limit handling
    • Invalid response handling

Performance Testing

  • Load Testing
    • Handle expected traffic volume
    • Graceful degradation under load
    • Rate limit compliance
  • Stress Testing
    • System behavior at limits
    • Recovery after overload
    • Error rate monitoring

Monitoring & Debugging

Logging Best Practices

// Structured logging for debugging
const logger = {
  info: (message, data) => console.log(JSON.stringify({
    level: 'info',
    message,
    data,
    timestamp: new Date().toISOString()
  })),
  
  error: (message, error) => console.error(JSON.stringify({
    level: 'error',
    message,
    error: error.message,
    stack: error.stack,
    timestamp: new Date().toISOString()
  }))
};

// Usage
logger.info('Payment created', { paymentId: 'pr_123' });
logger.error('Payment failed', new Error('Card declined'));

Debug Mode

// Enable debug mode for detailed logging
const DEBUG = process.env.NODE_ENV === 'development';

if (DEBUG) {
  console.log('Request payload:', JSON.stringify(payload, null, 2));
  console.log('Response:', JSON.stringify(response, null, 2));
}

Next Steps

Error Handling

Handle errors and troubleshooting

Production Deployment

Deploy to production environment

Webhooks Guide

Advanced webhook configuration

API Reference

Complete API documentation