Web Production Checklist

Launch in Production Checklist

This section highlights best practices and recommendations to help you achieve the best user experience with Dapi integration.


ClientUserID configuration

ClientUserID is used to distinguish between different users on the same device. The value for ClientUserID needs to be set by you. We recommend setting clientUserID to your actual user ID that you use to distinguish between users. You should update the clientUserID once the user logs out and another user logs in.

Why? clientUserID is used to keep track of the bank connections in the cache.


Bank IDs

If your logic is relying on bankIDs, then note that sandbox and production bankIDs are different. For example, ADCB:

  • Production: ADCBAEAA


Displaying error messages

Web SDK does not support automatic displaying of error messages for Data and Payment API endpoints. Depending on your flow, we suggest setting up a way to communicate the occurrence of an error to the user.

You can determine the occurrence of an error in the .catch block.

 .then(cardsResponse => {})
 .catch(error => {console.dir(error)})


Loading screens

Web SDK does not support showing loading screens between Data and Payment API calls. We suggest setting up a loading background for the SDK, so that the user would understand there is an operation going on.

You can leverage the onAuthModalOpen and onAuthModalSubmit callbacks if needed.


Caching set-up

Caching for the Web SDK can work in 2 different ways:

  • By default, we offer browser level caching where the linked bankAccount objects are kept in the browser cache and can be retrieved with the corresponding clientUserID. Unlike on mobile SDKs, this cache is temporary and depends on the active session of the user.
  • For a more permanent solution and a better user experience we recommend storing the object from the cache on your backend alongside a unique identifier for the user. This will allow you to use the cache regardless of the browsers and sessions used.



NB! Only applicable if you are using caching

When receiving this error, the bank connection should be abandoned. Depending on your flow, you can do one or multiple of those steps:

  • Delete the connection by deleting the bankAccount object used
  • Prompt the user with Connect screen again by creating a new var dapi = Dapi.create({...}) object and calling dapi.open()

Why? This error indicates that the user has updated their online banking credentials. This means that also the linked bank account details should be updated. If your application continues to use outdated details, it may result in blocking the user's banking account.


Do you have internal timeouts?

Do you usually have a default timeout for the requests going out of your application or server? It is possible that resolving a request with the bank can take longer. Dapi has an internal timeout at

  • 240 seconds for payment/transfer/autoflow and wire/transfer/autoflow
  • 120 seconds for all other endpoints

Having a shorter timeout on your end can result in 504 errors.

Additional checklist for Data API

Only applicable if you are querying for transaction histories


Transaction ranges

Each bank supports a different range of transactions.

You can retrieve the supported ranges from ba.metadata.getAccounts()

For expected response see: Metadata API. Refer to the transactionRange parameter.

Additional checklist for Payment API


Special characters

Please double-check that you are only passing in alpha-numeric values in the beneficiary information. Including special characters in any of the fields will result in errors later on.



Make sure you have handled the beneficiary cooldown period. Receiving this error means that beneficiary activation will take time from the bank side and the user must wait for the cooldown period to end before attempting the transfer again.

The exact time taken varies based on the user's bank. You can get the time take for the beneficiary to be active for any bank by using getAccountsMetaData API. You can for example use it to schedule a notification for the user to send money again when the beneficiary is activated.


Do you need to reconcile the transfers?

If yes, make sure you are leveraging the remarks field in payment/transfer/autoflow or payment/transfer/create.

The remark field can hold any value set by you. It would be useful to use a value that uniquely identifies the transfer on your application side.

In order to be sure that the entire value can be used, we recommend keeping the remarks shorter than 15 characters.

NB! No special characters are allowed in the remarks field


Transfer Confirmation Failed

TRANSFER_CONFRIMATION_FAILED is a special error that we recommend handling. The error means that at the very last step of the transfer the bank returns a general error message.

This can happen sometimes due to the bank's side internal errors.

In these cases, there is still a possibility that the transfer was successful and the money was debited from the account. We advise checking with the end-user when this error message is received.

Production Access

Once you have completed the above checklist here are the 2 simple steps to move your application from Sandbox to Production.

1. AppKey Permissions

Contact the Dapi team to give your existing appKey permission to make calls in our Production environment.

2. Change the Dapi.environments variable to .production

Congratulations, you are all set with your Dapi integration!