Integration Test Plan

Overview

Before we can grant production access, you’ll need to complete a series of tests to verify that your integration with the Fuse API is set up correctly. This ensures your implementation follows best practices and meets our reliability and security standards.

Test Requirements

To complete testing, you must provide results covering the following key areas:

1. API Calls

You must successfully perform the following API actions and submit request/response logs:

• Create a Customer (Add Business or Add Individual)
• Create an Account
• Initiate a Payment
• Retrieve an Account
• Retrieve a Transaction
• List Transactions for an Account, including handling of pagination

2. Webhook Testing

You need to confirm that webhook events are correctly received and processed, demonstrating successful handling of the following events:

• account_opened
• inbound_local_payment_settled
• outbound_local_payment_created
• outbound_local_payment_submitted
• outbound_local_payment_executed
• outbound_local_payment_failed
• internal_transfer_created
• inbound_internal_transfer_settled
• internal_transfer_settled

Required evidence:

• Logs showing webhook events received
• Confirmation of successful processing, including a 2xx HTTP response sent to Fuse

(Webhook Docs)

3. Token Management

To ensure secure API authentication, you must provide an overview of how your system:

• Stores and refreshes API tokens (Auth Docs)
• Prevents hardcoding of tokens
• Uses secure storage (e.g., environment variables, secrets manager)
• Properly refreshes expired tokens
• Reuses live tokens where appropriate instead of generating a new one for every request

4. Idempotency Handling

To prevent duplicate operations, you must implement idempotency for POST requests (Idempotency Docs) and provide test cases showing:

• The same request is being sent multiple times

5. Test Execution Details

To help with our internal tracking, please include the timestamp and timezone of when your tests were performed.

Submission of Test Results

To complete the process, submit the following:

• API request and response logs (sensitive data can be masked)
• Webhook logs, including confirmation that a 2xx response was returned to Fuse
• A short document outlining how you handle token management and idempotency
• Evidence that live tokens are reused instead of generating new ones for each request
• Timestamp and timezone of tests

Once we review and approve your test results, we will grant production access. If any issues arise, we’ll provide feedback so you can make necessary adjustments.