Guides
Start typing to search…

Testing & Sandbox

Use the sandbox to test payments, webhooks, and withdrawals before going live.

Testing & Sandbox

Test all payment flows in sandbox before processing real transactions.

Sandbox Environment

SettingValue
Dashboardhttps://sandbox.3pa-y.com/
TestnetsEthereum Sepolia (ERC20), Tron Nile (TRC20)
FundsTestnet tokens only — no real value

Sandbox and production are completely separate. API keys, webhooks, and balances do not carry over.

You need testnet USDT and gas tokens (Sepolia ETH or Nile TRX). Contact 3PAY support for help obtaining testnet tokens.

Test Invoice Payments

  1. Create invoice: POST /api/v1/transaction/create
  2. Send testnet USDT to the generated address
  3. Wait for detection and webhook
  4. Verify via GET /api/v1/public/transaction/verify

Full walkthrough: Make Your First Test Payment

Test Wallet Deposits

  1. Generate wallet: POST /api/v1/public/wallet/generate
  2. Get address: GET /api/v1/public/wallet/view/{userId}
  3. Send testnet USDT to the address
  4. Check balance: GET /api/v1/public/wallet/balance/{userId}

Full API reference: Wallet Payments

Test Withdrawals

Auto-approved: Send POST /api/v1/public/user/withdrawal/create with amount under threshold (default: 100 USDT). One webhook fires with final status.

Manual approval: Send amount above threshold or set autoWithdraw: false. Then approve/reject via API:

POST /api/v1/public/withdrawal-requests/{id}/approve   (requires x-api-secret)
POST /api/v1/public/withdrawal-requests/{id}/reject     (requires x-api-secret)

Full API reference: Pay-Outs & Withdrawals

Test Webhook HMAC

  1. Get your secret: POST /api/v1/webhook/secret/rotate (returns full secret once)
  2. Implement signature verification in your webhook handler
  3. Send test: POST /api/v1/webhook/test
  4. Confirm X-Webhook-Signature validates correctly
  5. Test with wrong secret — confirm rejection

Verification code examples: Webhook Handling

Test Rate Limits

Rate limits are active in sandbox with production thresholds. Send requests rapidly until you get 429, then verify your backoff logic works.

Rate limit tiers: Authentication & Security

Pre-Production Checklist

  • Invoice payment tested (both networks)
  • Wallet deposit tested
  • Withdrawal tested (auto + manual approval)
  • Webhook HMAC verification working
  • Rate limit retry logic implemented
  • Error handling covers 400, 401, 404, 429, 500

Then follow the Go Live Checklist.

Updated 26 days ago