Production Access

Going Live

Follow these steps to transition from the sandbox environment to production:

Complete Compliance Checks:
- Submit KYC documentation for your business, including business registration, tax ID, and ownership details.
- Ensure compliance with the National Bank of Ethiopia’s open banking regulations.
- Provide evidence of user consent mechanisms for data sharing.
Apply for Production API Keys:
- Submit an application via the Ethiopian Platform portal: https://api.birr-connect.com/portal.
- Include a detailed description of your use case and integration plan.
- Await approval, typically within 5-10 business days.
Test with Live Bank Data:
- Use production API keys in a controlled environment to test integration with live bank data.
- Verify functionality for critical flows like authentication, payments, and transaction retrieval.
- Monitor for errors and ensure compliance with rate limits.
Submit Documentation for Ethiopian Banks:
- Provide partnership agreements or MOUs with participating banks, if required.
- Include technical documentation outlining your integration, security measures, and data handling practices.
- Submit audit logs or compliance reports as requested by the bank or regulator.

Before going live, ensure the following:

Secure API Key Storage:
- Store production API keys in environment variables or a secure vault.
- Implement key rotation policies and restrict key access to authorized personnel.
Compliance with Data Privacy Laws:
- Adhere to Ethiopian data protection regulations and open banking guidelines.
- Implement user consent flows and provide options to revoke data access.
- Use AES-256 encryption for data at rest and TLS for data in transit.
Error Handling for Production Scenarios:
- Handle transient errors (e.g., 503 Service Unavailable) with retry logic and exponential backoff.
- Gracefully manage bank downtime with user-friendly messages and fallback options.
- Log errors securely for debugging without exposing sensitive data.