Environments & Rate Limits¶
Environments¶
SecPaid provides two separate environments:
| Environment | Base URL | Purpose |
|---|---|---|
| Production | https://app.secpaid.com |
Live payments, real money |
| Development | app.dev.secpaid.com | Testing, no real money charged |
Separate credentials
Each environment has its own API Key. Do not mix tokens between environments.
Development environment¶
The development environment runs at app.dev.secpaid.com. Use it for integration work, plugin setup (JTL, WooCommerce, etc.), and webhook testing before you go live.
| Development | Production | |
|---|---|---|
| Dashboard | app.dev.secpaid.com | app.secpaid.com |
| API base URL | https://app.dev.secpaid.com/api/v2/ |
https://app.secpaid.com/api/v2/ |
| Money | Test mode — no real charges | Live payments |
Development accounts
Development accounts are not created via self-signup. Contact support@secpaid.com to request access to app.dev.secpaid.com. We will provision your account and share your sandbox API Key and dashboard login. Use that key only against app.dev.secpaid.com — production keys do not work in development, and vice versa.
- Uses test mode — no real money is charged
- Use test card numbers for simulated payments
- Ideal for integration testing and webhook development
- Point shop plugins and API clients at Sandbox / development URLs and tokens until go-live
Production Environment¶
- Processes real payments via card and bank transfer
- All webhook calls go to your production servers
- Ensure your
callback_urlandpayment_endpointpoint to production URLs
Rate Limits¶
All API endpoints are rate-limited to prevent abuse:
| Scope | Limit |
|---|---|
| Per IP / per user | 60 requests per minute |
When you exceed the rate limit, subsequent requests receive an HTTP 429 Too Many Requests response until the window resets.
Best Practices¶
- Cache responses where appropriate (e.g., transaction lists)
- Use webhooks instead of polling for payment status
- Implement exponential backoff on rate limit errors
- Contact support if you need higher limits for your use case