Production Readiness
Operational checklist for taking a Cobru integration from sandbox to live traffic.
Going live with Cobru is not just a credential switch. Treat production readiness as an operational milestone with explicit checks across auth, payment creation, callbacks, observability, and support workflows.
Start here
- Confirm your production credentials, callback URL, and logging strategy.
- Rehearse one payment end to end with manual reconciliation.
- Verify support can trace a payment from your internal order ID to Cobru objects.
- Define rollback criteria before turning on broad traffic.
Go-live checklist
Confirm production credentials are stored only in secure environment configuration and are not shared with frontend code.
Switch your base URL to https://prod.cobru.co only after sandbox flows are consistently
passing.
Confirm your callback URL is public, HTTPS, monitored, and idempotent.
Validate that your team can manually reconcile one payment from request to callback to internal order state.
Make sure support can locate payments by internal order ID and Cobru url slug.
Minimum controls before live traffic
| Area | Requirement |
|---|---|
| Auth | access-token caching and secure secret storage |
| Payments | safe serialization of payment_method_enabled and reliable redirect URLs |
| Webhooks | fast 200 response, persistence, deduplication, reconciliation |
| Logging | request IDs, raw Cobru responses, webhook event logs |
| Support | ability to trace a payment from internal order to Cobru payment object |
| Monitoring | alerts on failed payment creation and failed webhook processing |
Recommended launch strategy
- start with internal or low-risk traffic
- keep manual reconciliation enabled during the first production days
- avoid broad customer communication until you confirm callback handling is stable
- document who owns incident response during launch week
Known production-sensitive areas
Launch-day rollback criteria
Pause or limit live traffic if:
- payment creation success drops unexpectedly
- callbacks stop arriving or cannot be reconciled
- you cannot match Cobru payments to internal orders reliably
- support cannot diagnose failures from available logs
Read next
/docs/testing/docs/webhooks/docs/errors/docs/troubleshooting