Adding a gateway
A gateway is the payment processor that authorises card transactions on your behalf. You can't take a single payment until at least one gateway is configured and active.
The Gateways page
Open Gateways from the sidebar. You'll see two sections:
- Your Gateways — gateways already configured. Each row shows a Status toggle, test/live currency counts, capture mode, enabled modes, and an Edit link.
- Available Gateways — tiles for every processor your plan supports but you haven't configured yet. Each tile shows capability chips (Auth, Sale, Refund, Tokenization, 3D Secure, HPP, etc.) and a Configure button.
Plan limits
Your plan caps how many gateways you can have configured per merchant account. If you hit the cap, the configure flow returns an error pointing to the upgrade page.
Supported processors
| Gateway | Use it for | Card capture |
|---|---|---|
| PowerTranz Direct | First Atlantic Commerce / PowerTranz API charging. Direct card entry on your checkout page. | Direct |
| PowerTranz HPP | Same processor, but uses PowerTranz's hosted page so the card never touches your domain. | Hosted |
| MPGS Direct API | Mastercard Payment Gateway Services (Sagicor, RBC, FAC, etc.) — direct API. | Direct |
| MPGS Hosted Payment Page | MPGS via the hosted checkout (less PCI scope; lighter branding control). | Hosted |
| PayPal | PayPal Smart Buttons + cards via PayPal. | Hosted |
Credentials per gateway
PowerTranz Direct & HPP
- PowerTranz Merchant ID — issued by FAC / PowerTranz.
- Processing Password — the secret your processor gave you.
- Enable Fraud Check — optional toggle.
HPP-only: PageSet, PageName (per mode — different values for test vs live), and Portal (firstatlantic or powertranz).
MPGS Direct & HPP
- Merchant ID — issued by your acquirer (Sagicor, RBC, FAC). Used in API auth as
merchant.{merchantId}. - API Password — from your MPGS portal under Admin → Integration Settings → Password 1.
- API Version — defaults to
100. Only change if your bank explicitly asks.
Connection settings (per mode):
- Region preset —
ap,eu,na,mtf,sagicor, orcustom. Auto-derives the gateway URL. - Gateway URL — full MPGS endpoint. Required when region preset =
custom; auto-populated otherwise. - Webhook notification secret — the shared secret your bank set for webhook notifications.
Behaviour settings:
- Default capture method —
automatic(one-step PAY) ormanual(AUTHORIZE only; capture later). Use manual when your bank hasn't enabled PURCHASE/PAY on the merchant profile. - Enable 3D Secure and Require 3DS — toggles for fraud-shift protection.
- Order ID prefix — short prefix on every order sent to MPGS (default
GC).
PayPal
- Client ID and Client Secret from your PayPal developer dashboard.
Currencies and modes
For each gateway you specify:
- Enabled modes — at least one of
testandlive. - Test currencies (required) — the 3-letter currency codes the gateway should accept in test mode.
- Live currencies — same, for live mode. Optional but required if you enable live mode.
If a currency isn't enabled here, payment links in that currency won't route to this gateway.
After saving
Both test and live credentials are stored encrypted and versioned — every update creates a new credential version, and the audit log records who changed what (without the secrets themselves). You can roll back if a credential change breaks things.
The Test connection button on each mode card calls the gateway's auth endpoint with a sentinel transaction and shows a green checkmark for a valid handshake, or a specific error like "Wrong API password" or "Merchant ID or Gateway URL is wrong".