Best Practices
Production-ready best practices for AuxVault integration.
๐ Security
Never Hardcode Credentials
// โ BAD
const apiKey = 'live_abc123...';
// โ
GOOD
const apiKey = process.env.LUQRA_API_KEY;
Always Use HTTPS
// โ BAD
const baseUrl = 'http://api.auxvault.com';
// โ
GOOD
const baseUrl = 'https://api.auxvault.com';
Verify Webhook Signatures
// โ
ALWAYS verify signatures
const isValid = client.webhooks.verify(payload, signature);
if (!isValid) {
return res.status(401).send('Invalid signature');
}
๐ป Code Quality
Use Idempotency Keys
// โ
Prevent duplicate charges
const transaction = await client.transactions.create({
idempotencyKey: `order_${orderId}_${attempt}`,
amount: 100.00,
...
});
Handle All Errors
// โ
Comprehensive error handling
try {
const result = await processPayment();
} catch (error) {
if (error.code === 'TRANSACTION_DECLINED') {
// Handle decline
} else if (error.code === 'RATE_LIMIT_EXCEEDED') {
// Retry with backoff
} else {
// Log and alert
}
}
Use Exponential Backoff
// โ
Smart retry logic
async function retryWithBackoff(fn, maxRetries = 3) {
for (let i = 0; i < maxRetries; i++) {
try {
return await fn();
} catch (error) {
if (!isRetryable(error) || i === maxRetries - 1) {
throw error;
}
await sleep(Math.min(1000 * Math.pow(2, i), 10000));
}
}
}
๐ Performance
Cache Static Data
// โ
Cache payment methods, merchants, etc.
const cache = new Map();
async function getCustomer(id) {
if (cache.has(id)) return cache.get(id);
const customer = await client.customers.get(id);
cache.set(id, customer);
return customer;
}
Use Webhooks Over Polling
// โ BAD: Poll every second
setInterval(() => checkStatus(), 1000);
// โ
GOOD: Use webhooks
app.post('/webhook', (req, res) => {
if (req.body.type === 'transaction.approved') {
handleApproval(req.body.data);
}
});
Batch Requests When Possible
// โ BAD: 100 individual requests
for (const txn of transactions) {
await client.transactions.get(txn.id);
}
// โ
GOOD: 1 batch request
const txns = await client.transactions.list({
ids: transactions.map(t => t.id)
});
๐ฏ User Experience
Show Clear Error Messages
// โ BAD
alert('Error');
// โ
GOOD
alert('Payment declined. Please try a different card or contact your bank.');
Validate Before Submitting
// โ
Client-side validation
function validateCard(card) {
if (!isValidCardNumber(card.number)) {
return 'Invalid card number';
}
if (!isValidExpiry(card.expiry)) {
return 'Card expired';
}
return null;
}
Provide Payment Confirmation
// โ
Always send receipt
if (transaction.status === 'approved') {
await sendReceipt(customer.email, transaction);
showSuccessMessage('Payment successful!');
}
๐ Monitoring
Log Important Events
// โ
Log all transactions
logger.info('Transaction created', {
transactionId: txn.id,
amount: txn.amount,
status: txn.status
});
Set Up Alerts
// โ
Alert on high error rates
if (errorRate > 0.05) {
alertOps('High error rate detected');
}
Track Key Metrics
- Success rate
- Average response time
- Decline rate
- Webhook delivery rate
๐ฐ Financial
Reconcile Daily
// โ
Daily reconciliation
async function reconcileDaily() {
const report = await client.reports.daily(yesterday);
const ourTotal = await database.getTotalForDay(yesterday);
if (report.total !== ourTotal) {
alertFinance('Reconciliation mismatch');
}
}
Handle Settlements Properly
- Understand settlement schedule
- Account for holds and reserves
- Track refunds separately
๐งช Testing
Test in Sandbox First
// โ
Always test in sandbox
if (process.env.NODE_ENV === 'production') {
// Production settings
} else {
// Sandbox settings
}
Test All Scenarios
- Approved transactions
- Declined transactions
- Network failures
- Timeout scenarios
- Webhook failures
๐ Support
Keep Support Contacts Ready
- Technical support email
- Account manager contact
- Emergency hotline
Document Your Integration
- API endpoints used
- Webhook configuration
- Error handling approach
- Deployment process
Need help? Contact support@auxvault.com