Tutorials Latest 5 min read

Going Live Checklist

admin

Before You Go Live

Going live with your Aelix integration is straightforward, but completing this checklist will prevent the most common production issues.

✅ Security

  • All credentials stored in a secrets manager — not in code or config files
  • Production client secret is different from sandbox secret
  • IP allowlist configured for your production egress IPs
  • OAuth scopes reviewed — request only what you need
  • HTTPS enforced for all internal service-to-service calls

✅ Reliability

  • Exponential back-off retry logic implemented for 429 and 5xx responses
  • Idempotency keys used for all payment and write operations
  • Token refresh logic tested — application does not crash on token expiry
  • Circuit breaker in place to stop cascading failures if the API is unavailable
  • Timeouts configured (recommended: 30s connection, 60s read)

✅ Observability

  • All API responses logged with trace_id for debugging
  • Alert configured when error rate exceeds 1% over 5 minutes
  • Alert configured when API quota reaches 80%
  • Webhook delivery monitoring set up in the portal

✅ Functional Testing

  • Happy-path flows tested end-to-end in sandbox
  • All error codes handled gracefully in the UI
  • Webhook signature verification confirmed working
  • Pagination tested with >100 records
  • Concurrent request load test completed without errors

✅ Compliance

  • Data handling reviewed against applicable regulations (GDPR, PCI-DSS)
  • Audit log retention policy configured
  • Customer-facing consent flows reviewed with legal

Ready? Switch to Production

Update your environment variable from sandbox to production and your base URL from sandbox-api.aelix.digitalapi.ai to api.aelix.digitalapi.ai. Start with a small percentage of live traffic and monitor closely for the first 24 hours.