Testing with Postman Collection

To help you test the Trustist Ecommerce API efficiently, we provide a Postman collection that you can import and use to send requests to our API. Postman is a popular API testing tool that allows you to easily create, save, and execute HTTP requests with proper authentication.

Sandbox Environment Setup

Before you start testing, you need to set up a sandbox account. The sandbox environment allows you to test your integration without processing real payments.

Creating a Sandbox Account

  1. Visit https://sandbox.trustisttransfer.com
  2. Click on the "Sign up now" link on the login screen
  3. If you already have a live TrustistTransfer account, you can use the same login details
  4. Note: Sandbox and live accounts are completely separate
๐Ÿ“ Sandbox Indicator: While logged into the sandbox, you'll see a yellow label in the top left reminding you that you're in the test environment.

Getting Sandbox API Keys

  1. Log in to your sandbox account
  2. Navigate to Settings โ†’ API Keys
  3. Generate your sandbox API key pair (public ID and private key)

Test Bank Accounts

The sandbox includes test bank accounts for simulating different payment scenarios:

Mock Redirect Bank

Use this for simple payment completion testing. It immediately returns success without user interaction. Select "Mock Redirect Bank" when prompted during payment flow.

Lloyds Bank Test Account

Use this when testing standing orders or account verification. Test credentials:

  • Username: llr001
  • Password: Password123
โš ๏ธ Test Environment: The sandbox simulates bank communication but does not process real financial transactions. Always use the "Mock Redirect Bank" for reliable testing.

Getting Started with Postman

Step 1: Install Postman

If you haven't already, download and install Postman from https://www.postman.com/downloads/.

Step 2: Import the Collection

  1. Open Postman and click the "Import" button in the top left corner
  2. Download the Trustist Ecommerce API Postman collection (JSON)
  3. Click "Import" to confirm the import
  4. The collection will appear in your Postman workspace

Step 3: Configure Environment Variables

Before sending requests, you need to set up environment variables:

  1. Click the gear icon in the top right corner to open "Manage Environments"
  2. Create a new environment
  3. Add the following variables:
Variable Description Example Value
hawk-id Your Hawk auth ID (the public component of your API key, typically merchant/client ID) abc123-def456-ghi789
hawk-key Your Hawk auth key (the secret/private component of your API key) your-private-key-here
trustistecommerce-api-host The API host URL Sandbox: https://api-sandbox.trustistecommerce.com
Production: https://api.trustistecommerce.com
โš ๏ธ Important: Always start with the sandbox environment (https://api-sandbox.trustistecommerce.com) when testing your integration. Only switch to production once your integration is fully tested and ready.

Step 4: Select Your Environment

Select the environment you just created from the dropdown menu in the top right corner of Postman. This ensures all requests use the correct API host and credentials.

Step 5: Test an Endpoint

  1. Expand the TrustistEcommerce API collection
  2. Select an endpoint (for example: "Create Payment (Hosted Page)" or "Create Payment Attempt (Bank Redirect)")
  3. Ensure the request is using Hawk authentication with the correct credentials
  4. Review the request body and modify as needed
  5. Click "Send" to execute the request
  6. View the response below the request

Using Hawk Authentication in Postman

Postman has native support for Hawk authentication. To configure it:

  1. Select a request from the collection
  2. Go to the Authorization tab
  3. Select Hawk Authentication from the "Type" dropdown
  4. Configure the Hawk settings:
    • Hawk Auth ID: {{hawk-id}}
    • Hawk Auth Key: {{hawk-key}}
    • Algorithm: sha256

For more details on Hawk authentication, see the Postman Hawk Authentication documentation or our Authentication guide.

Pre-defined Tests

The Postman collection includes pre-defined tests for some requests. After sending a request, check the "Test Results" tab below the response to see if the tests passed or failed.

These tests help you verify:

  • HTTP status codes are correct (200, 201, 400, etc.)
  • Response structure matches the expected format
  • Required fields are present in responses
  • Authentication is working correctly

Environment Comparison

Feature Sandbox Production
API Host https://api-sandbox.trustistecommerce.com https://api.trustistecommerce.com
Real Money โŒ No โœ… Yes
Test Credentials โœ… Available from sandbox account โŒ Use live merchant credentials only
Webhooks โœ… Delivered to your test endpoints โœ… Delivered to your production endpoints
Rate Limiting More relaxed Standard limits apply

Common Testing Workflows

Testing Payment Creation

  1. Use the "Create Payment (Hosted Page)" endpoint in the collection
  2. Modify the request body with your test data
  3. Send the request and note the paymentId and payLink in the response
  4. Visit the payLink in a browser to complete the payment flow
  5. Use the "Get Payment" endpoint to check the payment status

Testing Payment Attempts

  1. Create a payment first using "Create Payment (Hosted Page)" (or MOTO if required).
  2. (Bank flow) call "List Banks (Country + Rails)" and capture a bankId.
  3. Create an attempt using either:
    • "Create Payment Attempt (Bank Redirect)" for Open Banking
    • "Create Payment Attempt (Card)" for card processing
  4. If requiredAction.url is returned, follow that URL in a browser.
  5. For card challenge flows, run "Finalize Payment Attempt (Card)" after challenge completion.
  6. Confirm final state with "Get Payment" and/or your payment webhook receiver.

For full attempt semantics and validation rules, see Payment Attempts.

Testing Standing Orders

  1. Use the "Create Standing Order" endpoint
  2. Configure the frequency (WEEKLY, MONTHLY, etc.)
  3. Send the request and note the standingOrderId and mandateLink
  4. Visit the mandateLink to complete the Direct Debit mandate setup
  5. Use the "Retrieve Standing Order" endpoint to check the status

Testing Webhooks

To test webhook delivery during development:

  1. Set up a webhook endpoint using a tool like webhook.site or ngrok
  2. Configure the webhook URL in your TrustistTransfer portal (Settings โ†’ API Keys)
  3. Create a payment or standing order using Postman
  4. Complete the payment/mandate flow
  5. Verify that the webhook is delivered to your test endpoint

For more details on webhooks, see our Payment Webhooks guide.

Troubleshooting

Authentication Errors

Symptom: 401 Unauthorized responses

Solutions:

  • Verify your hawk-id and hawk-key are correct
  • Ensure you're using the correct environment (sandbox vs production)
  • Check that Hawk authentication is properly configured
  • Verify the algorithm is set to sha256

Invalid Request Errors

Symptom: 400 Bad Request responses

Solutions:

  • Check the request body matches the expected format
  • Ensure all required fields are present
  • Verify data types (numbers as numbers, strings as strings)
  • Check the API documentation for the specific endpoint

Network Errors

Symptom: Unable to connect or timeout errors

Solutions:

  • Verify the trustistecommerce-api-host variable is correct
  • Check your internet connection
  • Ensure your firewall isn't blocking the requests
  • Try accessing the API host URL directly in a browser

Next Steps