Try out your fraud tools integration in the sandbox with these test values:

You can use the following test card numbers in the sandbox to simulate Advanced Fraud Management Tools or risk threshold rules rejecting a request.

Card Type Test Value Status Reason
Visa 4000111111111511 gateway_rejected fraud
Visa 4111130000000003 gateway_rejected risk_threshold

The following payment method nonces represent payment methods that will be gateway rejected by Braintree's various fraud tools.


These test numbers and nonces will only trigger a fraud response if you have the relevant settings configured in your gateway:

Nonce Description
fake-gateway-rejected-kount-nonce A nonce representing a card that will be gateway rejected by Kount
fake-gateway-rejected-risk-thresholds-nonce A nonce representing a card that will be gateway rejected by your risk threshold rules

fake-gateway-rejected-fraud-nonce represents a card that will be gateway rejected by Braintree's fraud tools. This is now deprecated.

Go live


Your sandbox account is not linked to your production account in any way. Nothing created in the sandbox will transfer to production. This includes processing options and recurring billing settings. Your login information, merchant ID, and API keys will also be different.

Create an API user

Production API credentials, including your API keys, must be entered into your server-side code to connect API calls to the Braintree gateway. While each user in your gateway has their own unique set of API keys, only one set can be included in your integration.

We do not recommend including an individual user's API credentials. If you ever need to delete or suspend that user, this could break your connection to Braintree and result in failed transactions.

Instead, create a new user specifically designated as the API user, whose API keys can be used for your integration. This user should be set up with an email address that is not associated with a single employee and should have Account Admin permissions in order to avoid issues such as an authorization error.

Get production credentials

Log into your production account as the API user to obtain your API credentials. You'll need the:

  • Production merchant ID
  • Production public key
  • Production private key

Keep in mind that public and private keys are both environment- and user-specific.

Update production account settings

Make sure your production account settings mirror the ones in your tested sandbox configuration. Be sure to recreate any recurring billing plans or settings if you plan to use recurring billing in production.

Update live server configuration

In your server code, update your configuration to production values:

gateway = braintree.BraintreeGateway(

Once you have updated these values and configured your preferred processing settings, the live production environment will function similarly to the sandbox environment you've been using for development. Learn more about the differences between production and the sandbox.

On the client side, no configuration updates are needed when you make the switch to production – your client obtains its client token from your server, which is all the configuration it needs.


If you have an iOS integration, verify that your released code does not use an offline client token by ensuring that you do not import BTClient+Offline.h. Once this is confirmed, you can publish to the App Store.

Test transactions in production

It is important to test your production account by creating a couple of low-value sale transactions for each of the payment method types you plan to accept. Be sure to submit the transactions for settlement, and then confirm that the funds have deposited into your bank account. This typically happens a few days after they have settled.


Real payment methods must be used in the production environment. Test values from the sandbox testing page will not work. This means that every test transaction that you allow to settle in your production account will debit funds from the associated payment method and fees will be assessed. Be sure to test with reasonable amounts and only run a limited number of transactions.

Keep in mind that if you run too many test transactions in a short period of time, your Advanced Fraud Management Tools may start gateway rejecting the transactions due to fraud concerns. To avoid this, do not use more than two different card numbers to test your production account from the same IP address.