DocsTesting Your Integration
Set up your test environment and use test credentials
Before going live, use a Cost+ sandbox website to verify your integration works correctly. There is no separate sandbox URL — you use the same production API endpoint (https://api.costplus.online/v1) with an API key from a sandbox website.
Getting Your Test API Key
- Log in to the Merchant Portal
- Navigate to Websites
- Create a new website and select Sandbox as the type, or select an existing sandbox website
- Click on Integration to find your API key
- Use this API key in your integration — all transactions will be simulated
Sandbox vs production mode is determined entirely by the website type in the Merchant Portal, not by the API URL. A sandbox website's API key processes simulated transactions; a production website's API key processes real payments. Both use the same API endpoint.
Test Card Numbers
Use the card numbers below to simulate different payment scenarios. Do not use real card numbers in test mode.
| Card Number | CVV | Brand | Result |
|---|---|---|---|
4111111111111111 | any | Visa | Success |
5544330000000037 | any | Mastercard | Success |
4462030000000000 | any | Visa | Success |
4111111111111105 | any | Visa | Do Not Honor |
4111111111111143 | any | Visa | Stolen Card |
4111111111111151 | any | Visa | Insufficient Funds |
Use any future expiry date and any 3-digit CVC.
Test card numbers only work in sandbox mode. Submitting them to a production website's API key will result in a declined transaction.
Error Codes
When a transaction fails, the API returns one of the following error codes in the transaction's reason field:
| Error Code | Description |
|---|---|
ERROR_CARD_AUTHENTICATION_FAILURE | 3DS authentication not completed in time; payment cancelled |
ERROR_CARD_CVV_NOT_VALID | CVV correctly formatted but not valid |
ERROR_CARD_INFORMATION_NOT_VALID | Card info correctly formatted but not valid |
ERROR_CARD_NOT_SUPPORTED_FOR_ECOMMERCE | Transaction not supported for eCommerce |
ERROR_CARD_NOT_VALID | Card ID is not valid |
ERROR_CARD_TYPE_DISABLED | Card type is disabled |
ERROR_TRANSACTION_FAILED | Card transaction failed |
ERROR_TRANSACTION_REJECTED_BY_CARD_PROCESSOR | Rejected by processor (includes Visa/MC industry numeric code) |
ERROR_TRANSACTION_TYPE_NOT_ALLOWED_BY_SELLER | Transaction type not allowed by seller |
ERROR_TRANSACTION_TYPE_NOT_SUPPORTED | Not supported by card network |
INVALID_CARD_CVV | CVV not recognized |
INVALID_CARD_NUMBER | Card number not recognized |
Common API Validation Errors
These errors are returned as 400 Bad Request when the API request itself is invalid:
| Error | Description |
|---|---|
| Unknown payment method | You supplied an incorrect payment method name |
| No permissions for payment method | Your API key (project) doesn't have permissions for the specified payment method |
| Payment method not enabled | The payment method has not been enabled for your API key (project) |
| Payment method not supported | Your API key (project) does not have the correct status to use the specified payment method |
If you receive "Payment method not enabled" or "No permissions", check the payment method configuration in the Merchant Portal under your website settings.