Sandbox
The OID4Pay sandbox is the safe harbor for integration work. It runs the same code as production but is wired to Stripe testmode and resets on a weekly cadence. No production data ever crosses into sandbox; no sandbox data ever escalates to production.
Endpoints
| Component | Sandbox host | Production host |
|---|---|---|
| Authorization Server | sandbox.oid4pay.com | as.oid4pay.com |
| Wallet Portal | sandbox-wallet.oid4pay.com | wallet.oid4pay.com |
| Discovery | sandbox-discover.oid4pay.com | discover.oid4pay.com |
| CDN bundle | cdn.oid4pay.com/oid4ac-merchant/v1/loader.js?env=sandbox | cdn.oid4pay.com/oid4ac-merchant/v1/loader.js |
Test cards
The sandbox Stripe Connect account accepts the standard Stripe testmode PaymentMethod IDs. The most useful are:
| PaymentMethod | Card number | Behaviour |
|---|---|---|
| pm_card_visa | 4242 4242 4242 4242 | Authorises and captures successfully. |
| pm_card_chargeDeclined | 4000 0000 0000 0002 | Declines at authorisation. |
| pm_card_authenticationRequired | 4000 0027 6000 3184 | Triggers 3DS step-up; exercises the wallet step-up flow. |
| pm_card_chargeDisputed | 4000 0000 0000 0259 | Authorises, then synthesises a dispute event (good for testing the SSF receiver and the audit chain). |
Any expiry date in the future and any 3-digit CVC are accepted. The full list of testmode cards is in the Stripe documentation; OID4Pay does not intercept testmode card numbers.
Rate limits
| Endpoint | Limit |
|---|---|
| POST /oauth/par | 60 requests per minute per client |
| POST /oauth/token | 60 requests per minute per client |
| POST /oauth/register | 30 registrations per hour per IP |
| POST /merchant_test/verify-mandate | 120 verifications per minute per merchant |
| POST /merchant_test/charge | 100 charges per hour per client (sandbox-only cap) |
| GET /oauth/status-list | 10 requests per minute per IP (cache normally; this is the fallback ceiling) |
Reset cadence
The sandbox AS Postgres is wiped every Sunday at 02:00 UTC. Registered clients, issued mandates, and pending charges all clear. Plan your integration tests around the reset; the wipe is announced in advance on the changelog.
SSF event delivery
Sandbox SSF events are delivered to your registered receiver URL the same way as production. The sandbox synthesises rare events (disputes, refresh replays, mandate revocations) on a deterministic schedule:
- Daily 14:00 UTC: a synthesised oid4ac.payment.disputed event for a random sandbox charge from the past 24 h.
- Daily 14:30 UTC: a synthesised oid4ac.security.refresh_replay on a random sandbox client.
- Daily 15:00 UTC: a synthesised oid4ac.mandate.revoked event.
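A scheduling helper for integration tests, added here as an example (it is not OID4Pay code): it computes the next weekly wipe and the next synthesised SSF event slot from the times stated above, so a run that registers a client can confirm it finishes before the reset. The function names are hypothetical and the script makes no network calls.

```python
from datetime import datetime, timedelta, timezone

# Schedule values copied from this page; all times are UTC.
RESET_WEEKDAY = 6        # Sunday (datetime.weekday(): Monday == 0)
RESET_TIME = (2, 0)      # 02:00 UTC
SYNTHETIC_EVENTS = {     # event type -> daily (hour, minute) in UTC
    "oid4ac.payment.disputed": (14, 0),
    "oid4ac.security.refresh_replay": (14, 30),
    "oid4ac.mandate.revoked": (15, 0),
}


def _as_utc(ts):
    # Reject naive timestamps: a local-time CI clock would silently shift the schedule.
    if ts.tzinfo is None:
        raise ValueError("timestamp must be timezone-aware")
    return ts.astimezone(timezone.utc)


def next_reset(now):
    """First Sunday 02:00 UTC strictly after `now`."""
    now = _as_utc(now)
    candidate = now.replace(hour=RESET_TIME[0], minute=RESET_TIME[1],
                            second=0, microsecond=0)
    candidate += timedelta(days=(RESET_WEEKDAY - now.weekday()) % 7)
    if candidate <= now:
        candidate += timedelta(days=7)
    return candidate


def next_synthetic_event(now, event_type):
    """Next daily slot at which the sandbox synthesises `event_type`."""
    now = _as_utc(now)
    hour, minute = SYNTHETIC_EVENTS[event_type]
    candidate = now.replace(hour=hour, minute=minute, second=0, microsecond=0)
    if candidate <= now:
        candidate += timedelta(days=1)
    return candidate


def run_survives_reset(start, duration):
    """True if a run of `duration` starting at `start` ends before the weekly wipe."""
    start = _as_utc(start)
    return start + duration < next_reset(start)
```

A suite that fails this check should re-register its client after the wipe rather than reuse stored credentials, since registered clients and issued mandates are cleared.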
What is identical to production
- Wire shapes (the wire reference is not relaxed).
- Algorithm whitelist enforcement.
- DPoP, PAR, JWT-AT, SD-JWT VC, KB-JWT signature checks.
- Audit chain (sandbox has its own chain; the chain head is signed every hour the same way).
What differs from production
- Stripe is testmode.
- Postgres resets weekly.
- SLA is best-effort (no on-call paging for sandbox-only outages).
- Default OID4PAY_AUTO_CONSENT_ENABLED=true (skips the wallet consent screen for the sandbox client allowlist; flip to false per client to exercise the wallet UX).
Getting access
Sandbox is open. Register your first agent through POST /oauth/register on sandbox.oid4pay.com; no email allow-list. Production access requires the production-onboarding form linked from the support page.