Developer Resources
Need Help?In Europe? Go to EU docs
Start typing to search…

Testing

Trustly provides a Sandbox environment for development and testing. The Sandbox environment supports all features and functionality of the production environment, but payment operations do not result in any funds activity.

The primary method for simulating scenarios is through Demo Banks accessible within the Trustly UI, using specific passwords to trigger desired outcomes.

Environment URLs

When deploying your application or libraries, ensure you use the correct base URL and authentication credentials for each environment.

ComponentProduction URLSandbox URL
API Base URLhttps://trustly.one/api/v1https://sandbox.trustly.one/api/v1
JavaScript Libraryhttps://trustly.one/start/scripts/trustly.jshttps://sandbox.trustly.one/start/scripts/trustly.js
Native SDKsSet the env property to productionSet the env property to sandbox (e.g., establishData["env"] = "sandbox")
Deprecated Base URLhttps://paywithmybank.comhttps://sandbox.paywithmybank.com

Sandbox usage and best practices

To access a Demo Bank, integrate the Trustly UI (Lightbox or Widget) into your application and use the search bar to select the desired Demo Bank.

General guidelines

  • Default Behavior (Happy Path): By default, any unique string used as a username and three or more alphanumeric characters used as a password will simulate a successful transaction, allowing the selection of a standard checking or savings account.
  • Use Unique Usernames: Avoid using generic usernames (e.g., test, demo). Use unique, descriptive names for each test scenario (e.g., happy_path_test_01, ineligible_user) to ensure the fastest and most reliable sandbox response.
  • Simulating Delays: To simulate a delay, enter Sleep as the username and the number of seconds (e.g., 30) as the password.

Simulation keyphrases

To manipulate the outcome of the bank authorization or the associated data, enter the corresponding keyword or phrase into the password field when logging into the Demo Bank.

User interaction and error scenarios

Password KeyphraseSimulated Use Case
NoEligibleAccountsNo eligible accounts found for the user.
LoginErrorWrong username or password entered.
UnavailableBank site cannot be reached.
AccountLockedUser's bank account is locked.
2FASimulates a bank requesting a Multi-Factor Authentication (MFA) challenge (answer with 'error' to simulate a wrong credential).
WrongCredentialsSimulates a general login retry scenario.
SessionTimeoutSimulates the user taking too long to provide requested information, resulting in an expired bank session.
NotSupportedSimulates a user with no supported accounts (e.g., Credit Cards only).

Conditional data and API responses

Password KeyphraseSimulated Effect
Balance{xxx}Configures the account to have a balance of {xxx} (e.g., Balance1000).
NotEnoughFundsConnector returns a single account with zero balance.
TimeoutErrorConnector sleeps for at least one minute before responding, simulating a system timeout.
ExpiredSplitTokenAuthorization succeeds, but subsequent Refresh API calls fail due to an expired split token.
AccFromUsernameReturns the account number from the pattern {prefix}_{accountnumber} found in the username.
AccNumberNullSimulates the account number returning a null value.
VirtualReturns a valid Virtual Account Number (VAN).

Manual entry and verification data

This data should be used when testing manual entry fields for micro-challenge deposits or manual account verification requests.

United States manual entry test data

The following are samples of Account Number and Routing Number pairs that simulate various risk scores (all routing numbers are 124003116):

Account NumberRouting NumberScoreThird-party ScoreVerifiedError CodeHTTP Status CodeScore Type
10000000001240031160false200Non Telecheck
10000000011240031161false200Non Telecheck
10000000021240031162false200Non Telecheck
10000000031240031163false200Non Telecheck
10000000041240031164false200Non Telecheck
10000000051240031165false200Non Telecheck
10000000061240031166true200Non Telecheck
10000000071240031167true200Non Telecheck
10000000081240031168true200Non Telecheck
10000000091240031169true200Non Telecheck
100000001012400311610true200Non Telecheck
100000100012400311600false200FCRA
10000011001240031161100false200FCRA
10000012001240031162200false200FCRA
10000013001240031163300false200FCRA
10000014001240031164400false200FCRA
10000015001240031165500false200FCRA
10000016001240031166600true200FCRA
10000017001240031167700true200FCRA
10000018001240031168800true200FCRA
10000019001240031169900true200FCRA
100000199912400311610999true200FCRA
100000100012400311600false200Non-FCRA
1000001015124003116115false200Non-FCRA
1000001020124003116120false200Non-FCRA
1000001025124003116125false200Non-FCRA
1000001035124003116135true200Non-FCRA
1000001045124003116145true200Non-FCRA
1002000000124003116200400
1003000000124003116300401
1003250000124003116325401
1003750000124003116375401
1001000000124003116100500

International manual entry test data

CountryExample Input (Sort Code + Account No. / IBAN)
United KingdomGB33BUKB20201555555555
FranceFR7630006000011234567890189
GermanyDE75512108001245126199
NetherlandsNL02ABNA0123456789

Mobile OAuth testing

To test deep linking and user experience for native mobile apps, use the specialized OAuth Demo Bank.

  1. Access the OAuth Demo Bank via the Trustly UI search bar in your application.
  2. Download the Companion App:
    • iOS: Use the [iOS TestFlight download].
    • Android: Email [email protected] with the subject "Android Demo Bank App" to request access for the email addresses that need to be invited.
  3. Testing Flow: When selecting the OAuth Demo Bank, the system will trigger a redirect that opens the companion app on the device/simulator, allowing you to proceed with the authenticated login flow.