We want to make sure you and your users are safe when moving money super fast across our payment rails - we take risk management practices and our compliance obligations seriously so you'll need to complete certain business processes before proceeding through stage gates on your integration journey.
High level onboarding process:
For a more detailed outline of the processes your business must complete see Our Merchant Help Centre.
To access UAT you must have:
- Signed our NDA
- If you believe you will have a high volume of payments or have complex requirement(s) you will be required to sign a proposal outlining our mutual expectations before access to our UAT environment
- Provided necessary information about your business and your needs before providing access to UAT. Ensure you complete our information requests to get access quickly
- Understood the solution you will implement so we can set your initial configurations - see Choosing the right UX App
Once your build is complete you can request access to our Production environment. We have further controls on access to Production for the safety of our clients, partners and end users (as well as our reputation, let's be honest).
To access Production you must have:
- Signed our commercial Agreement
- Completed all necessary Due Diligence
- Passed UAT test processes
- Passed our CX & UX Review
- If using one of our UX Apps this is likely to be a light touch exercise
- If building your own custom UX this may be more involved and you should include us in early design work
- Depending on your situation additional requirements may be requested by our Risk and Compliance function.
Once you are clear on all the above, then read on to get started on your first integration
You don't need to have completed everything yet - as long as you have it in your plan
Complete prerequisites to enter UAT
See onboarding process above.
- Decide which of our Apps you will use (this will determine which of our APIs you need to use), or if building your own custom user experiences you will need to understand how your solution design needs to interact with our APIs
- Request on-boarding through the Azupay Help Centre
- Determine the API base url
- Try these links that will jump to new pages with sample code(then come back here to read more): AzupayOut Postman collection , AzupayID Postman collection and the Postman environment variables that go along with it.
- To check system status, visit azupay system status and subscribe to updates.
To start using Azupay APIs your business should have been on-boarded and you will have:
clientIdthat uniquely identifies your business with Azupay.
SECRapi keys to call the APIs.
- One or more domain names authorized to use for PayID creation.
The Azupay platform is regularly updated. Sometimes these changes result in changes to how the platform behaves.
These changes can be categorised as either breaking changes or non-breaking changes. Where the change is breaking we will issue a new version.
You should consider the following list when integrating with Azupay:
- Adding new resource endpoints.
- Supporting new HTTP verbs.
- Adding new optional request parameters, either as headers, in the body or as query parameters.
- Adding new optional response parameters, either as headers or in the body.
- Changing the order of properties in requests and responses.
- Changing wording of error messages designed to be displayed to users.
- Improved error reporting when an invalid request is received.
- Adding or removing TLS ciphers.
- Changing supported TLS versions.
- Changing the SSL certificate or which certificate authority signs it.
- Anything outside of the Non-Breaking changes list is considered a breaking change.
All requests must be accompanied by a Secret or Distributable key in the Authorization request header in the format:
GET https://api.azupay.com.au/v1/... Authorization: <[SecretKey|DistributableKey]>
You can get the Secret and Distributable key from the Dashboard:
- Click on Settings
- Find API Keys
- Click the Generate button to get your first set of API keys
- You can see what permissions each API key has on this settings page
Be careful with Secret Keys
You must store and handle the Secret Key carefully. We recommend that the key is visible only to authorised users in your organisation. The Secret Key in particular can be used to make outbound payments to any Australian bank account.
Use API connectivity for real time transaction processing if you possibly can, but if you really cannot it is possible to send and receive batch files instead. Check out our File transfer guide - Batch to set up your first integration with batch file communication.
Updated 24 days ago
Work out which is the right App for you