For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Dashboard
GuidesAPI ReferenceSDKs
GuidesAPI ReferenceSDKs
  • Get Started
    • Overview and Solutions
    • Choose an Integration
    • Quickstart
    • Branding Guidelines
    • Get Support
  • Accept Payments
    • Instant Payments
    • Trustly Pay
    • Recurring Payments
    • Scan and Pay
    • Remember Me
    • Payment Integration Checklist
  • Send Money
    • Send Payouts Using Online Banking
    • Send Payouts Using Account Information
    • International Transfers
  • Retrieve Data
    • Verify Accounts Using Online Banking
    • Verify Accounts Using Micro-Deposits
    • Retrieve Bank and User Information
    • Tokenize Bank Information
    • Trustly ID
    • Insights Data
  • Core Concepts
    • Key Concepts
    • The Establish Data Object
    • Transactions and Transaction IDs
    • Tokens and Account Security
    • Redirect URLs and Return Flow
    • Webhooks and Events
    • Content Strings
  • API Fundamentals
    • Authentication and OAuth
    • Secure Requests and Signature Validation
    • Idempotency
    • Testing
    • Status codes and type definitions
  • Manage Your Integration
    • Go-Live Checklist
    • Merchant Portal
    • Reports and Reconciliation
    • Refresh Bank Authorization
    • Override Risk Declines
    • VIP Tiers
    • Financial Institution Status
Dashboard
Products
PaymentsDataPayouts
Company
AboutCareersContact Sales

Terms of Use | Privacy Policy | © 2026 Trustly, Inc.

Developer-friendly docs for your API
GitHub|Contact Support|Business Help Center|Merchant Portal
Terms of Use|Privacy Policy|© 2026 Trustly, Inc.
Developer-friendly docs for your API
LogoLogo
North AmericaEurope
North AmericaEurope
On this page
  • User experience (UX) (Branding requirements)
  • Security and compliance (Generate request signatures)
  • Payment logic and data (Manage transactions)
  • Next steps
Accept Payments

Integration checklist

|View as Markdown|Open in Claude|
Was this page helpful?
Previous

Enable Trustly Remember Me

Next

Send money

Built with

Before you begin acceptance testing or move to production, use this checklist to verify you’ve successfully completed your Trustly integration.

User experience (UX) (Branding requirements)

  • Cancel flow: If a user clicks ‘Cancel’ in the Trustly Lightbox, ensure your application returns them to your checkout selection page, not an error page.
  • Error messages: If Trustly declines a transaction, display a friendly message asking the user to try again or choose a different bank, rather than a generic ‘System Error’.
  • Mobile responsiveness: Test the integration on a mobile device to ensure the Trustly Lightbox does not overlap with your site navigation bars or headers.

Security and compliance (Generate request signatures)

  • Request signatures: Ensure your backend generates a unique requestSignature for every Establish call. Never hardcode signatures or generate them on the client side.
  • Webhook validation: Verify your webhook listener validates the signature in the header of every incoming notification to prevent spoofing.
  • PII handling: Pass Personally Identifiable Information (Names, Emails) only in the customer object. Never pass PII in the description field.
  • Script source: Load the Trustly SDK directly from trustly.one. Do not host the script file on your own servers.

Payment logic and data (Manage transactions)

  • Establish Data parameters: Ensure your establishData payload includes all required customer and metadata fields before initiating a transaction.
  • Transaction IDs: Ensure your database stores the Trustly transactionId returned in the redirect URL and webhook. You need this ID for all future refunds or support requests.
  • Async fulfillment: Verify your system fulfills orders based on the COMPLETED webhook event, not just the user redirect to the success page.
  • Split tokens (Trustly Pay): If using Trustly Pay, capture and store the splitToken to enable one-click payments for returning users.
  • Duplicate handling: Ensure your webhook listener handles duplicate events idempotently. For example, if Trustly sends the same Success webhook twice, do not duplicate the payment.

Next steps

After validating your Trustly integration, complete the following tasks:

  • Test your integration: Validate your error handling and success paths in the Sandbox.
  • Schedule certification: Contact your assigned Trustly integration manager to complete a formal review of your integration.
  • Go-live checklist: Prepare your environment for production.