Frequently Asked Questions (FAQ)
This section answers the most common questions raised by merchants and developers while integrating with SADAD Payment Gateway.
General Questions
What is SADAD Web Checkout 2.1?
SADAD Web Checkout 2.1 is a hosted payment solution where customers are redirected to a secure SADAD checkout page to complete their payment.
It handles:
- Payment UI
- Card security
- Bank communication
- Redirects, callbacks, and webhooks
Which integration should I choose: Web Checkout or API?
-
Web Checkout 2.1
Best for quick, secure, and PCI-light integrations. -
API / Advanced integrations
Best for merchants who need complete control over the checkout experience.
For most merchants, Web Checkout 2.1 is recommended.
Account & Onboarding
How do I become a SADAD merchant?
- Download the SADAD Business App
- Complete merchant registration and KYC
- Wait for approval
- Enable Payment Gateway from the Merchant Panel
Where do I find my Merchant ID and Secret Key?
After login to https://panel.sadad.qa:
- Go to Payment Gateway
- You will find:
- Merchant ID (MID)
- Test Secret Key
- Live Secret Key
Can I use the same credentials for Test and Live?
No.
- Test Secret Key → Sandbox transactions
- Live Secret Key → Live transactions
Using a Test key will always open the checkout in Sandbox mode.
Technical Questions
Is signature generation mandatory?
Yes.
All payment requests must include a valid signature generated using:
- Your Secret Key
- Sorted request parameters
Requests without a valid signature will be rejected.
Can I generate the signature on the frontend?
No.
Signature generation must always be done server-side. Never expose your Secret Key in frontend code.
What happens if the customer closes the browser during payment?
- The transaction may remain In Progress
- SADAD will later update the final status via:
- Callback
- Webhook
- End-of-day reconciliation
Merchants should rely on server callbacks and webhooks, not browser redirects.
Why do some transactions remain in “In Progress”?
This can happen due to:
- Delayed bank response
- Network interruption
- Customer abandoning the checkout
All in-progress transactions are automatically updated to Success or Failed after 12 AM post final confirmation from the bank.
Callback & Webhook
What is the difference between Callback and Webhook?
-
Callback URL
Triggered after customer redirection -
Webhook
Server-to-server notification, sent even if customer closes the browser
Always implement Webhook for reliable transaction updates.
Is callback/webhook data JSON?
- Callback → Form POST (
application/x-www-form-urlencoded) - Webhook → JSON payload
Both include a checksumhash that must be verified.
What should I return in webhook response?
Your webhook endpoint must return:
{
"status": "success"
}
With HTTP status code 200.
Payments & Status
What are the transaction status values?
| Status Code | Meaning |
|---|---|
| 1 | In Progress |
| 2 | Failed |
| 3 | Successful |
When should I mark an order as successful?
Only when:
transaction_status = 3- Signature verification succeeds
Never rely only on frontend redirection.
Errors & Troubleshooting
Why is my transaction failing?
Common reasons:
- Invalid signature
- Incorrect parameter order
- Using Live key in Test mode (or vice versa)
- Card issuer decline
Check:
- Error Codes section
- Callback response message
Who should I contact for support?
If you still face issues:
- 📧 Email: [email protected]
- Share:
- Merchant ID
- Environment (Test / Live)
- Order ID or Transaction Number
This FAQ is continuously updated based on merchant feedback.