Going live checklist
Going live is a checklist, not a deploy. Walk it before you accept a single real charge.
Catalog
- Live tenant has all products and plans, with the same codes your app references.
- Currencies, intervals, and pricing models match the sandbox copy.
- Trial periods, commitment lengths, and proration policies are the values you intend to ship — not the defaults you used in dev.
- Plan archival policy understood: archived plans keep existing subscriptions running but are not assignable to new ones.
Payment provider
- At least one provider is connected and verified (`/v1/admin/payment-providers/{id}/verify` returns OK).
- Webhook endpoints from the provider point at your live Paylera ingress (`https://api.paylera.io/webhooks/<provider>`).
- You’ve made at least one real charge for £/$1 against a real card, and you’ve verified the payment succeeded and the invoice closed.
Webhooks
- You’ve registered at least one production webhook endpoint.
- Your handler verifies the `Paylera-Signature` header against the raw request body — see Verifying signatures.
- Your handler is idempotent on `event_id`. (Test it: replay the same event twice; the second has no side effect.)
- Your handler returns 2xx within 10 seconds. Long work goes onto a queue; the handler acks fast.
- You’re subscribed to the events you actually need. Resist `*` — you’ll be paged on noise.
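The three handler properties above (verify against the raw body, de-duplicate on `event_id`, ack fast and queue the work) in one minimal handler, as an added example that is not Paylera's own code. It assumes the `Paylera-Signature` header is a hex HMAC-SHA256 of the raw body under a per-endpoint secret; the secret, event payload and queue are constructed stand-ins.

```python
import hashlib
import hmac
import json

# Assumption (not from the Paylera docs): Paylera-Signature is a hex-encoded
# HMAC-SHA256 of the raw request body under the endpoint's secret.
WEBHOOK_SECRET = b"whsec_constructed_example_secret"


def verify_signature(raw_body: bytes, signature_header: str, secret: bytes) -> bool:
    """Check the header against the raw bytes, never a re-serialised JSON object."""
    expected = hmac.new(secret, raw_body, hashlib.sha256).hexdigest()
    # Constant-time comparison so the check does not leak timing information.
    return hmac.compare_digest(expected, signature_header.strip().lower())


def sign(raw_body: bytes, secret: bytes = WEBHOOK_SECRET) -> str:
    """Used here only to build the constructed sample deliveries below."""
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def handle_webhook(raw_body: bytes, signature_header: str, seen_event_ids: set,
                   queue: list, secret: bytes = WEBHOOK_SECRET) -> int:
    """Return the HTTP status the handler answers with.

    Order matters: verify first (an unverified body is untrusted input), then
    de-duplicate on event_id, then hand the work to a queue and ack fast.
    """
    if not verify_signature(raw_body, signature_header, secret):
        return 400  # signature failure: log it, it feeds the alert under Observability
    event = json.loads(raw_body)
    event_id = event["event_id"]
    if event_id in seen_event_ids:
        return 200  # replay: acknowledge, but do nothing
    seen_event_ids.add(event_id)  # in production: a unique-keyed row in your database
    queue.append(event)           # the long work happens off the request path
    return 200


# Constructed sample delivery, not a real Paylera event.
SAMPLE_EVENT = json.dumps({"event_id": "evt_example_001", "type": "payment.failed",
                           "data": {"invoice_id": "inv_example_42", "amount": 100}}).encode()
SAMPLE_SIGNATURE = sign(SAMPLE_EVENT)

if __name__ == "__main__":
    seen, work = set(), []
    print(handle_webhook(SAMPLE_EVENT, SAMPLE_SIGNATURE, seen, work))  # 200, queued
    print(handle_webhook(SAMPLE_EVENT, SAMPLE_SIGNATURE, seen, work))  # 200, replay ignored
    print(len(work))  # 1
    tampered = SAMPLE_EVENT.replace(b"100", b"1")
    print(handle_webhook(tampered, SAMPLE_SIGNATURE, seen, work))  # 400
```

The replayed delivery is acknowledged without touching the queue, and a body altered after signing is rejected before it is parsed.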
Tax
- Your tax engine is configured (Stripe Tax, Avalara, TaxJar).
- Your tenants’ tax IDs / nexus / origin addresses are filled in.
- Reverse-charge behaviour is what you expect for B2B EU customers.
FX
- Settlement currency configured per provider (the currency cash actually arrives in).
- FX rate source picked: `provider`, `ecb`, or `manual`.
- If `manual`, you have a process for posting daily rates; the `fx-stale` runbook is in your operations playbook.
Authentication & access
- At least two operator accounts exist (no single point of failure).
- AAL2 (TOTP or WebAuthn) enrolled for every operator.
- Sandbox and live API keys clearly labelled and stored in your secret manager — not in `.env.local`.
- Service-audience tokens (for backend-to-Paylera calls) are separate from interactive operator tokens.
Observability
- Your service emits structured logs with the `event_id` of every webhook it processes.
- Dashboards on: webhook receive lag, your handler error rate, and `payment.failed` event volume.
- Alerts on: handler error rate >1% over 5 min, webhook signature verification failures.
Compliance
- Privacy policy mentions Paylera as a sub-processor (we ship a template).
- DPA signed with Paylera (on the dashboard, Settings → Legal).
- You understand how to fulfil a data-subject request: the DSR guide walks the API.
Switch
- Swap the base URL: `api.sandbox.paylera.io` → `api.paylera.io`.
- Swap the API key: `sk_sandbox_…` → `sk_live_…`.
- Run your smoke tests against live.
- Charge yourself £/$1 end-to-end. Refund it.
You’re live.