# Integration Checklist

### Overview

When you’ve finished development and testing, go through this to confirm you are production-ready.

### Setup

* [ ] [Activate your account](https://portal.complycube.com/activate) in the Web Portal and obtain your **Live** API key.
* [ ] Use our [testing data](https://docs.complycube.com/documentation/integration-resources/testing-data) to simulate scenarios for all services you plan to use. Ensure your integration handles both success and error responses correctly.
* [ ] Ensure your integration is configured to use the correct environment by supplying the appropriate [API key](https://portal.complycube.com/developers/key).<br>

### Validation

* [ ] If you have integrated our native [Mobile SDKs](https://app.gitbook.com/s/lv7UhJvTbxeq4s3KwQpn/), install and test the ComplyCube [iOS and Android mobile apps](https://docs.complycube.com/documentation/integration-resources/complycube-mobile-app) to validate your workflows.
* [ ] Handle `40x` and `50x` errors gracefully: validate inputs, retry transient errors, and provide helpful user feedback.
* [ ] Respect [rate limits](https://docs.complycube.com/api-reference/rate-limits) and [service quotas](https://docs.complycube.com/api-reference/service-quota) to avoid throttling or service denials in production.<br>

### Webhooks

* [ ] Configure [webhook](https://portal.complycube.com/developers/webhooks) endpoints in the Live environment (note that Sandbox and Live webhooks are separate).
* [ ] Ensure your endpoint [verifies authenticity](https://docs.complycube.com/documentation/webhooks#signature-verification), handles retries or missed deliveries, and is idempotent (safe to process the same event more than once).<br>

### Monitoring and security

* [ ] If using **continuous monitoring** (e.g. AML Screening checks), ensure it is **enabled** only for active clients and **disabled** when no longer needed.
* [ ] Subscribe to our [status page](https://status.complycube.com) so your team is notified of any service disruptions or planned maintenance.
* [ ] Store API keys securely, [rotate](https://portal.complycube.com/developers/key) them regularly, and never expose them in client-side code.