Skip to main content

Going Live

Ready to launch? This guide covers everything you need to transition from sandbox to production.

Pre-Launch Checklist

Use this checklist to ensure you’re ready:

Account Setup

  • Business verification completed
  • Live API keys generated
  • Webhook endpoints configured for production
  • Team members added with appropriate roles
  • Billing information updated

Integration

  • All sandbox testing completed
  • Error handling implemented
  • Webhook signature verification enabled
  • Idempotency keys used for financial operations
  • Rate limiting handled gracefully

Security

  • API keys stored securely (not in code)
  • HTTPS enforced on all endpoints
  • Input validation implemented
  • SQL injection prevention
  • XSS protection enabled

Compliance

  • KYC flow implemented
  • Transaction limits enforced
  • AML checks configured
  • Data privacy policy updated
  • Terms of service updated

Step 1: Complete Business Verification

Submit required documents in the developer console:
  1. Certificate of Incorporation
  2. CAC Status Report (less than 3 months old)
  3. Memorandum of Association
  4. Board Resolution (authorizing API integration)
  5. Director ID (Government-issued ID)
  6. Proof of Address (Utility bill, less than 3 months)
Verification typically takes 2-3 business days. Contact support if you need expedited review.

Step 2: Switch to Live Keys

Update your environment configuration: 
# Production API Keys
ZENTRA_SECRET_KEY=sk_live_xxxxxxxxxxxxxxxxxxxxxxxx
ZENTRA_PUBLIC_KEY=pk_live_xxxxxxxxxxxxxxxxxxxxxxxx

# Production Base URL
ZENTRA_API_URL=https://api.usezentra.com

# Production Webhook Secret
ZENTRA_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxxxxxxxxxxxxx
Never commit API keys to version control. Use environment variables or a secrets manager.

Step 3: Configure Production Webhooks

Set up reliable webhook handling: 
// 1. Verify signatures
const isValid = client.webhooks.verify(payload, signature);
if (!isValid) {
  return res.status(401).send('Invalid signature');
}

// 2. Handle idempotently
const existing = await db.webhookEvents.findUnique({
  where: { event_id: event.id }
});
if (existing) return res.status(200).send('Already processed');

// 3. Process reliably
try {
  await processEvent(event);
  await db.webhookEvents.create({
    data: { event_id: event.id, processed_at: new Date() }
  });
} catch (error) {
  // Return 500 to trigger retry
  return res.status(500).send('Processing failed');
}

res.status(200).send('OK');

Step 4: Set Up Monitoring

Error Tracking

Integrate with Sentry or similar: 
const Sentry = require('@sentry/node');

Sentry.init({
  dsn: process.env.SENTRY_DSN,
  environment: process.env.NODE_ENV
});

// Wrap API calls
async function safeAPICall(fn) {
  try {
    return await fn();
  } catch (error) {
    Sentry.captureException(error, {
      tags: { service: 'zentra' }
    });
    throw error;
  }
}

Health Checks

Monitor your integration: 
app.get('/health/zentra', async (req, res) => {
  try {
    // Test API connectivity
    const start = Date.now();
    await client.ping();
    const latency = Date.now() - start;

    res.json({
      status: 'healthy',
      latency_ms: latency,
      timestamp: new Date().toISOString()
    });
  } catch (error) {
    res.status(503).json({
      status: 'unhealthy',
      error: error.message
    });
  }
});

Alerting

Set up alerts for:
  • High error rates (>1% failed transactions)
  • Slow responses (>2s API latency)
  • Webhook failures (>3 consecutive failures)
  • Balance thresholds (wallet balance low)

Step 5: Implement Rate Limiting

Handle Zentra’s rate limits gracefully: 
const rateLimit = require('express-rate-limit');

// Limit your own API to prevent cascade failures
const zentraLimiter = rateLimit({
  windowMs: 60 * 1000, // 1 minute
  max: 100, // 100 requests per minute
  message: 'Too many requests. Please slow down.'
});

app.use('/api/payments', zentraLimiter);

// Handle Zentra rate limits
async function withRetry(fn, maxRetries = 3) {
  for (let i = 0; i < maxRetries; i++) {
    try {
      return await fn();
    } catch (error) {
      if (error.status === 429) {
        const delay = Math.pow(2, i) * 1000; // Exponential backoff
        await sleep(delay);
        continue;
      }
      throw error;
    }
  }
  throw new Error('Max retries exceeded');
}

Step 6: Secure Your Keys

Environment Variables

# Use a secrets manager in production
export ZENTRA_SECRET_KEY=$(aws secretsmanager get-secret-value \
  --secret-id zentra/production/api-key \
  --query SecretString --output text)

Key Rotation

Rotate keys periodically:
  1. Generate new key in the developer console
  2. Update your production environment
  3. Deploy changes
  4. Verify new key works
  5. Revoke old key
Set calendar reminders to rotate keys every 90 days.

Step 7: Test Production (Carefully)

Before full launch:
  1. Small Transactions: Test with minimal amounts first
  2. Real Accounts: Verify with your own bank accounts
  3. Full Flow: Complete end-to-end transaction
  4. Refund Test: Ensure refunds work
// Test transaction (use your own account)
const testTransfer = await client.transfers.create({
  amountMinor: 100, // ₦1 (minimal)
  recipient_account: 'YOUR_ACCOUNT',
  recipient_bank_code: 'YOUR_BANK',
  narration: 'Production test'
});

console.log('Test transfer:', testTransfer.status);

Step 8: Launch Monitoring Dashboard

Track key metrics:
MetricTarget
API Success Rate>99.5%
Avg Response Time<500ms
Webhook Delivery>99%
Transaction Success>95%

Post-Launch Checklist

After going live:
  • Monitor first 24 hours closely
  • Review error logs daily
  • Check webhook delivery status
  • Monitor transaction success rates
  • Gather customer feedback
  • Document any issues

Common Issues

”Invalid API Key”

  • Verify you’re using live keys, not sandbox
  • Check environment variable is loaded correctly
  • Ensure no extra whitespace in key

”Insufficient Balance”

  • Check your Zentra wallet balance
  • Set up auto-funding thresholds
  • Add billing alerts

”Webhook Not Received”

  • Verify URL is publicly accessible
  • Check firewall allows Zentra IPs
  • Confirm SSL certificate is valid

Support

Need help going live?

Next Steps

API Reference

Complete documentation

Webhook Events

All event types

Test Data

Testing reference

Status Page

Monitor API status