Sandbox Testing
Test your Moneybag integration safely in our sandbox environment
Sandbox Testing
The Moneybag sandbox environment provides a safe space to test your payment integration without processing real transactions. This guide covers everything you need to know about sandbox testing.
Sandbox Overview
Sandbox Environment
All transactions in sandbox are simulated. No real money is processed. Perfect for testing your integration safely.
Key Features
- Full API Access: All production endpoints available
- Test Credentials: Pre-configured test cards and accounts
- Simulated Responses: Realistic payment flows
- No Real Money: Completely safe testing environment
- Higher Rate Limits: More requests allowed for testing
Access Details
- API Base URL:
https://sandbox.api.moneybag.com.bd - Dashboard: sandbox.moneybag.com.bd
- API Playground: Try API Playground
Creating a Sandbox Account
Step 1: Register
- Go to https://moneybag.com.bd/sandbox/
- Fill in your details
- Check your email for credentials
Step 2: Access Dashboard
- Log in to Sandbox Dashboard
- Navigate to Developer Settings → API Keys
- Generate your sandbox API key
Step 3: Store Your Credentials
# .env file
MONEYBAG_SANDBOX_API_KEY=sk_test_your_sandbox_key_here
MONEYBAG_SANDBOX_WEBHOOK_SECRET=whsec_test_your_secret_hereTest Cards
Use these test card numbers to simulate different scenarios:
Successful Payments
| Card Number | Brand | Description |
|---|---|---|
| 4111 1111 1111 1111 | Visa | Always approves |
| 5555 5555 5555 4444 | Mastercard | Always approves |
| 3782 822463 10005 | Amex | Always approves |
| 6011 1111 1111 1117 | Discover | Always approves |
Card Details:
- Expiry Date: Any future date (e.g., 12/25)
- CVV: Any 3 digits (4 for Amex)
- Name: Any name
- ZIP/Postal Code: Any valid code
Failure Scenarios
| Card Number | Error | Description |
|---|---|---|
| 4000 0000 0000 0002 | card_declined | Generic decline |
| 4000 0000 0000 9995 | insufficient_funds | Not enough balance |
| 4000 0000 0000 0069 | expired_card | Card expired |
| 4000 0000 0000 0127 | incorrect_cvc | Wrong CVV |
| 4000 0000 0000 0119 | processing_error | Processing error |
| 4242 4242 4242 4241 | incorrect_number | Invalid card number |
3D Secure Testing
| Card Number | Behavior |
|---|---|
| 4000 0000 0000 3220 | 3D Secure authentication required |
| 4000 0000 0000 3063 | 3D Secure authentication required (will fail) |
| 4000 0000 0000 3055 | 3D Secure supported but not required |
Mobile Banking Test Accounts
bKash
| Phone Number | PIN | OTP | Result |
|---|---|---|---|
| 01700000001 | 12345 | 123456 | Success |
| 01700000002 | 12345 | 123456 | Insufficient funds |
| 01700000003 | 12345 | 123456 | Account blocked |
| 01700000004 | 12345 | 000000 | Invalid OTP |
| 01700000005 | 99999 | 123456 | Invalid PIN |
Nagad
| Phone Number | PIN | OTP | Result |
|---|---|---|---|
| 01800000001 | 12345 | 123456 | Success |
| 01800000002 | 12345 | 123456 | Daily limit exceeded |
| 01800000003 | 12345 | 123456 | Service unavailable |
| 01800000004 | 12345 | 123456 | Transaction timeout |
Rocket
| Phone Number | PIN | OTP | Result |
|---|---|---|---|
| 01900000001 | 12345 | 123456 | Success |
| 01900000002 | 12345 | 123456 | Network error |
| 01900000003 | 12345 | 123456 | Invalid account |
Amount-Based Testing
Use specific amounts to trigger different behaviors:
| Amount (BDT) | Behavior | Use Case |
|---|---|---|
| 100.00 | Instant success | Happy path testing |
| 200.00 | Delayed success (10 seconds) | Timeout handling |
| 300.00 | Requires additional authentication | 3D Secure flow |
| 400.00 | Random result (50% success rate) | Retry logic |
| 500.00 | Pending for 30 seconds then success | Async processing |
| 666.66 | Always fails with insufficient funds | Error handling |
| 777.77 | Always fails with card declined | Decline handling |
| 999.00 | Always fails with generic error | Generic error handling |
| 1234.56 | Triggers partial refund scenario | Refund testing |
Testing Webhooks
Webhook Testing Endpoint
Trigger test webhooks to your endpoint:
curl -X POST https://sandbox.api.moneybag.com.bd/api/v2/webhooks/test \
-H "X-Merchant-API-Key: YOUR_SANDBOX_KEY" \
-H "Content-Type: application/json" \
-d '{
"url": "https://yoursite.com/webhook",
"event": "payment.success",
"data": {
"transaction_id": "TEST_TXN_123",
"amount": 100.00
}
}'Available Test Events
payment.successpayment.failedpayment.processingpayment.cancelledrefund.initiatedrefund.completedrefund.failed
Local Testing with ngrok
Test webhooks on your local machine:
# Install ngrok
npm install -g ngrok
# Expose your local server
ngrok http 3000
# Use the ngrok URL as your webhook endpoint
# https://abc123.ngrok.io/webhookTesting Different Scenarios
1. Successful Payment Flow
// Test successful payment
const testSuccessfulPayment = async () => {
const checkout = await createCheckout({
amount: 100.00, // Success amount
card: '4111111111111111'
});
// Verify payment
const verification = await verifyPayment(checkout.transaction_id);
assert(verification.status === 'SUCCESS');
};2. Failed Payment Handling
// Test payment failure
const testFailedPayment = async () => {
const checkout = await createCheckout({
amount: 999.00, // Failure amount
card: '4000000000000002'
});
// Handle failure
const verification = await verifyPayment(checkout.transaction_id);
assert(verification.status === 'FAILED');
};3. Refund Testing
// Test refund flow
const testRefund = async () => {
// Create payment
const payment = await createPayment(1234.56);
// Process full refund
const fullRefund = await processRefund(payment.transaction_id);
assert(fullRefund.status === 'COMPLETED');
// Process partial refund
const partialRefund = await processRefund(payment.transaction_id, 500.00);
assert(partialRefund.status === 'COMPLETED');
};4. Webhook Testing
// Test webhook handling
const testWebhook = async () => {
// Set up webhook endpoint
app.post('/webhook', (req, res) => {
const event = req.body;
switch(event.type) {
case 'payment.success':
// Handle success
break;
case 'payment.failed':
// Handle failure
break;
}
res.status(200).send('OK');
});
// Trigger test webhook
await triggerTestWebhook('payment.success');
};Sandbox Limitations
What's Different from Production
| Feature | Sandbox | Production |
|---|---|---|
| Real Payments | ❌ No | ✅ Yes |
| Rate Limits | 100/min | 60/min |
| Data Persistence | 7 days | Permanent |
| Webhook Retries | 3 attempts | 8 attempts |
| API Response Time | May be slower | Optimized |
| Test Credentials | ✅ Work | ❌ Blocked |
Data Reset Policy
- Sandbox data older than 7 days is automatically deleted
- Test accounts remain active
- API keys persist
- Webhook configurations saved
Moving to Production
Once testing is complete:
Pre-Production Checklist
- All test scenarios pass
- Error handling implemented
- Webhook integration tested
- Security measures in place
- Rate limiting implemented
- Logging configured
Migration Steps
-
Apply for Production Access
- Contact sales@moneybag.com.bd
- Submit business documents
- Complete verification
-
Update Configuration
// Change from sandbox const SANDBOX_URL = 'https://sandbox.api.moneybag.com.bd'; const SANDBOX_KEY = 'sk_test_...'; // To production const PRODUCTION_URL = 'https://api.moneybag.com.bd'; const PRODUCTION_KEY = 'sk_live_...'; -
Update Webhook URLs
- Change webhook endpoints to production
- Update webhook secrets
- Test webhook signature verification
-
Remove Test Code
- Remove test card numbers
- Remove debug logging
- Update error messages
Troubleshooting Sandbox Issues
Common Problems
API Key Not Working
- Verify you're using sandbox key (starts with
sk_test_) - Check you're using sandbox URL
- Ensure key is active in dashboard
Webhooks Not Received
- Verify webhook URL is publicly accessible
- Check webhook secret is correct
- Ensure ngrok is running (for local testing)
Test Cards Rejected
- Use correct test card numbers
- Ensure future expiry date
- Check amount triggers
Rate Limiting
- Sandbox allows 100 requests/minute
- Implement exponential backoff
- Use webhook testing endpoint sparingly
Best Practices
-
Test Edge Cases
- Network timeouts
- Invalid inputs
- Duplicate requests
- Race conditions
-
Automate Testing
// Automated test suite describe('Payment Integration', () => { it('handles successful payment', async () => { // Test implementation }); it('handles payment failure', async () => { // Test implementation }); it('processes refunds', async () => { // Test implementation }); }); -
Monitor Sandbox Usage
- Track API calls
- Monitor error rates
- Review webhook failures
-
Document Test Scenarios
- Keep test cases updated
- Document expected behaviors
- Share with team
Support
Need help with sandbox testing?
- Documentation: API Reference
- Support Email: support@moneybag.com.bd
- Status Page: status.moneybag.com.bd
- FAQ: Frequently Asked Questions