Enhanced endpoint migration guidelines
What is the enhanced endpoint
Customers using the Smart Payments Platform can use a new enhanced endpoint with quicker failovers between data centres and other stability improvements. Customers are strongly encouraged to upgrade as soon as possible to access these improvements.
Pre-migration validation steps
Before switching to the enhanced endpoint, customers must complete the following three validation steps:
1. Remove restrictions on connectivity to outbound IP addresses
Organisations restricting outbound connectivity to specific IP addresses or ranges (commonly referred to as "IP allowlisting") must remove these restrictions for all application servers connecting to the new enhanced endpoint.
This applies only to outbound connections from your systems to the Smart Payments Platform. Inbound connectivity from the Smart Payments Platform to your organisation (such as webhooks) requires no changes.
2. Validate cipher suites
Some TLS v1.2 cipher suites that are supported by the legacy endpoint are not supported by the enhanced endpoint. Customers must review the list of cipher suites supported by the enhanced endpoint and ensure that their systems support at least one of the listed cipher suites.
There are no changes to supported TLS v1.3 cipher suites.
3. Check certificate
The enhanced endpoint uses a different certificate than the one used by the legacy endpoint. Customers should validate that systems connecting to the new endpoint are set up with the root certificate that signed the server certificate. The server certificate is signed by Let's Encrypt.
Note that the root certificate for Let's Encrypt was updated. See the Let's Encrypt documentation for more information.
Additionally, Peach Payments updates certificates on a regular basis going forward, with a maximum certificate validity period of 90 days. This change protects both your organisation and the Smart Payments Platform from the security risks associated with long-lived certificates. Any customers that require certificate pinning must ensure that they update their pinned certificates on this more regular schedule.
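A connectivity probe covering the three validation steps above, as an added example that is not Peach Payments code. It uses the enhanced-endpoint domains from the table on this page; the function names are illustrative, and the mapping from an error to a validation step is a best-guess heuristic.

```python
import socket
import ssl
import time

# Enhanced-endpoint domains from the table on this page.
HOSTS = ("eu-test.card.peachpayments.com", "eu-prod.card.peachpayments.com")


def issuer_org(cert):
    """Issuer organizationName from an SSLSocket.getpeercert() dict."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return None


def days_left(cert, now=None):
    """Whole days until notAfter; pinned certificates must be replaced before then."""
    now = time.time() if now is None else now
    return int((ssl.cert_time_to_seconds(cert["notAfter"]) - now) // 86400)


def failed_step(exc):
    """Map a connection error to the validation step it most likely points at."""
    if isinstance(exc, ssl.SSLCertVerificationError):
        return "3: certificate chain or hostname not trusted by this trust store"
    if isinstance(exc, ssl.SSLError):
        return "2: TLS handshake failed, check shared cipher suites"
    return "1: no TCP connection, check outbound IP restrictions and DNS"


def probe(host, tls12_only=False, timeout=10):
    """Handshake against host:443 using this machine's default trust store."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    if tls12_only:
        # Cap at TLS 1.2 so success proves a shared TLS 1.2 cipher suite.
        ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    try:
        with socket.create_connection((host, 443), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                return {"ok": True, "version": tls.version(), "cipher": tls.cipher()[0],
                        "issuer": issuer_org(cert), "days_left": days_left(cert)}
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        return {"ok": False, "failed_step": failed_step(exc), "error": str(exc)}


if __name__ == "__main__":
    for host in HOSTS:
        for tls12_only in (False, True):
            print(host, "TLS1.2-only" if tls12_only else "default", probe(host, tls12_only))
```

Run it from each application server that connects to the platform, because outbound filtering is specific to the network path of that server. Python's default trust store and cipher list can differ from those of the runtime your payment client uses, so repeat the equivalent check in that runtime if it manages its own trust store or TLS configuration.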
Targeting the enhanced endpoint
When you have completed the validation steps listed above, you might have to switch to a new URL. However, depending on the nature of your integration, you might instead remain on the legacy URL, in which case Peach Payments switches you over with no further action required from your organisation.
Review the communications sent to your organisation to determine whether you must switch over to the new URL. Contact support if you are unsure whether you must switch over to the new URL, or if you target different URLs to those in the table below.
| Environment | Current domain (legacy endpoint) | New domain (enhanced endpoint) |
|---|---|---|
| Production | card.peachpayments.com | eu-prod.card.peachpayments.com |
| Customer Test (Staging) | sandbox-card.peachpayments.com | eu-test.card.peachpayments.com |