# Go Live Before moving your KwikPaisa integration to production, merchants should complete all security validations, UAT testing, webhook verification, reconciliation checks, and operational readiness reviews. Going live means your application will begin processing real customer payments and payouts using production banking infrastructure. Proper production readiness helps ensure: * Stable transaction processing * Secure API communication * Reliable payment workflows * Accurate payout settlements * Safe customer experience *** ## Production Readiness Requirements Before production activation, merchants should ensure: * Sandbox integration completed successfully * UAT testing approved * Webhook verification implemented * Signature validation working correctly * Retry handling configured * Error handling implemented * Transaction reconciliation validated * Security review completed *** ## Production Base URL ```http https://api.kwikpaisa.com ``` ## Production Credentials Production credentials are issued after successful onboarding and compliance verification. Example production headers: ``` Content-Type: application/jsonAccept: application/jsonX-API-KEY: pk_live_xxxxxxxxxX-SIGNATURE: GENERATED_SIGNATUREX-TIMESTAMP: GENERATED_TIMESTAMP ``` *** ## Environment Migration Checklist Before switching from Sandbox to production: | Requirement | Status | | ----------------------------- | ----------- | | Replace Sandbox API keys | Required | | Replace Sandbox secret keys | Required | | Update production base URLs | Required | | Configure production webhooks | Required | | Verify signature generation | Required | | Enable IP whitelisting | Recommended | | Validate retry workflows | Required | | Enable transaction monitoring | Recommended | *** ## Production Security Requirements Merchants should implement: * HTTPS-only communication * Server-side signature generation * Secure credential storage * Webhook signature verification * Replay attack protection * Access control policies * Transaction audit logging *** ## Webhook Production Setup Before going live: * Configure production webhook URLs * Verify webhook signatures * Test duplicate event handling * Implement webhook retries * Store webhook audit logs Webhook endpoints must: * Be publicly accessible * Support HTTPS * Return HTTP 200 quickly * Handle JSON payloads properly *** ## Transaction Monitoring Production systems should continuously monitor: * Payment success rates * Payout processing * Failed transactions * Webhook delivery status * API response failures * Retry attempts * Reconciliation mismatches *** ## Recommended Production Workflow ### Payment Flow 1. Create payment order 2. Redirect customer to hosted checkout 3. Receive webhook notification 4. Verify payment using Order Status API 5. Update internal order status 6. Reconcile settlements *** ### Payout Flow 1. Check payout wallet balance 2. Initiate payout 3. Track payout status 4. Store UTR/reference numbers 5. Verify webhook notifications 6. Reconcile payout records *** ## Logging Recommendations Merchants should securely log: * API requests * API responses * Transaction references * Webhook payloads * Retry attempts * Error responses * Signature verification results These logs help with: * Debugging * Audit tracking * Reconciliation * Compliance reviews *** ## Common Production Issues ### Invalid Signature Possible reasons: * Incorrect secret key * Payload modification * Timestamp mismatch *** ### Webhook Failures Possible reasons: * Incorrect webhook URL * SSL certificate issues * Slow webhook responses *** ### Authentication Errors Possible reasons: * Invalid production API keys * Expired timestamps * Incorrect signature generation ## Recommended Go-Live Checklist Before enabling live traffic: * Complete end-to-end testing * Verify webhook security * Validate reconciliation workflows * Test failure handling * Verify retry logic * Confirm production credentials * Enable monitoring systems * Review operational alerts *** ## Security Recommendations * Never expose production secret keys * Restrict API access securely * Rotate credentials periodically * Validate all incoming webhooks * Maintain audit logs for compliance *** ## Best Practices * Monitor transactions continuously * Validate payment and payout statuses server-side * Use idempotent transaction IDs * Implement retry-safe workflows * Maintain reconciliation systems * Handle webhook events asynchronously ## Important Notes * Production transactions involve real money movement * Banking settlement delays may occur * Webhook delivery timing may vary * Final transaction validation should always happen server-side --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://developers.kwikpaisa.com/v3-guide/going-live/go-live.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.