Trustly provides a Sandbox environment for development and testing. The Sandbox environment supports all features and functionality of the production environment, but payment operations do not result in any funds activity.
The primary method for simulating scenarios is through Demo Banks accessible within the Trustly UI, using specific passwords to trigger desired outcomes.
Environment URLs
When deploying your application or libraries, ensure you use the correct base URL and authentication credentials for each environment.
| Component | Production URL | Sandbox URL |
|---|---|---|
| API Base URL | https://trustly.one/api/v1 | https://sandbox.trustly.one/api/v1 |
| JavaScript Library | https://trustly.one/start/scripts/trustly.js | https://sandbox.trustly.one/start/scripts/trustly.js |
| Native SDKs | Set the env property to production | Set the env property to sandbox (e.g., establishData["env"] = "sandbox") |
| Deprecated Base URL | https://paywithmybank.com | https://sandbox.paywithmybank.com |
Sandbox usage and best practices
To access a Demo Bank, integrate the Trustly UI (Lightbox or Widget) into your application and use the search bar to select the desired Demo Bank.
General guidelines
- Default Behavior (Happy Path): By default, any unique string used as a username and three or more alphanumeric characters used as a password will simulate a successful transaction, allowing the selection of a standard checking or savings account.
- Use Unique Usernames: Avoid using generic usernames (e.g.,
test,demo). Use unique, descriptive names for each test scenario (e.g.,happy_path_test_01,ineligible_user) to ensure the fastest and most reliable sandbox response. - Simulating Delays: To simulate a delay, enter
Sleepas the username and the number of seconds (e.g.,30) as the password.
Simulation keyphrases
To manipulate the outcome of the bank authorization or the associated data, enter the corresponding keyword or phrase into the password field when logging into the Demo Bank.
User interaction and error scenarios
| Password Keyphrase | Simulated Use Case |
|---|---|
NoEligibleAccounts | No eligible accounts found for the user. |
LoginError | Wrong username or password entered. |
Unavailable | Bank site cannot be reached. |
AccountLocked | User's bank account is locked. |
2FA | Simulates a bank requesting a Multi-Factor Authentication (MFA) challenge (answer with 'error' to simulate a wrong credential). |
WrongCredentials | Simulates a general login retry scenario. |
SessionTimeout | Simulates the user taking too long to provide requested information, resulting in an expired bank session. |
NotSupported | Simulates a user with no supported accounts (e.g., Credit Cards only). |
Conditional data and API responses
| Password Keyphrase | Simulated Effect |
|---|---|
Balance{xxx} | Configures the account to have a balance of {xxx} (e.g., Balance1000). |
NotEnoughFunds | Connector returns a single account with zero balance. |
TimeoutError | Connector sleeps for at least one minute before responding, simulating a system timeout. |
ExpiredSplitToken | Authorization succeeds, but subsequent Refresh API calls fail due to an expired split token. |
AccFromUsername | Returns the account number from the pattern {prefix}_{accountnumber} found in the username. |
AccNumberNull | Simulates the account number returning a null value. |
Virtual | Returns a valid Virtual Account Number (VAN). |
Manual entry and verification data
This data should be used when testing manual entry fields for micro-challenge deposits or manual account verification requests.
United States manual entry test data
The following are samples of Account Number and Routing Number pairs that simulate various risk scores (all routing numbers are 124003116):
| Account Number | FCRA Score | Verified | Outcome |
|---|---|---|---|
1000001999 | 999 (Highest confidence) | true | Success |
1000001000 | 0 (Failed RT validation) | false | Fraud/Failure |
1000001025 | 25 (Suspicious format) | false | Failure |
1000001045 | 45 (Known good) | true | Success |
International manual entry test data
| Country | Example Input (Sort Code + Account No. / IBAN) |
|---|---|
| United Kingdom | GB33BUKB20201555555555 |
| France | FR7630006000011234567890189 |
| Germany | DE75512108001245126199 |
| Netherlands | NL02ABNA0123456789 |
Mobile OAuth testing
To test deep linking and user experience for native mobile apps, use the specialized OAuth Demo Bank.
- Access the OAuth Demo Bank via the Trustly UI search bar in your application.
- Download the Companion App:
- iOS: Use the [iOS TestFlight download].
- Android: Email
[email protected]with the subject "Android Demo Bank App" to request access for the email addresses that need to be invited.
- Testing Flow: When selecting the OAuth Demo Bank, the system will trigger a redirect that opens the companion app on the device/simulator, allowing you to proceed with the authenticated login flow.