Payment Engine
Payment Engine Integration Setup
Prepare your Payment Engine project and credentials before integration.
Before calling Payment Engine APIs, complete project creation, payment currency setup, and API credential retrieval in the Cregis App desktop client using the steps below.
Preparation Steps
Step 1: Download and install Cregis App
- Visit https://www.cregis.com/download and download the installer for your operating system (macOS or Windows).
- Install and launch Cregis App.
Step 2: Register account and complete security setup
- Register a Cregis account (see Account Registration and Login Guide).
- Bind Google Authenticator (2FA).
- Sign in to your account.
Step 3: Create a Payment Engine project
- In the App, open the Payment Engine module and click Create on first use.
- Enter project name, industry, merchant name, and brand information (shown on checkout pages).
- Select supported payment currencies and settlement addresses (you can skip temporarily and complete later in settings).
- Enter transaction password and Google 2FA code to finish creation.
- Detailed walkthrough: Payment Engine Project Creation Guide
Prepare a WaaS API project for API payouts or withdrawals
A Payment Engine project is mainly used for collections, orders, and payment callbacks. If your integration also includes API payouts, withdrawals, addresses, or wallet operations, create a WaaS API project and retrieve the corresponding API Key and project parameters as well. See WaaS Wallet Integration Setup.
Step 4: Configure IP allowlist
- Go to Payment Engine Project Settings > IP Allowlist.
- Click Create Group, enter your server public IP, save, and complete identity verification.
- API requests will fail if IP allowlist is not configured.
Step 5: Retrieve API Key and project identifiers
- In project settings, copy
API Key、Base URLandProject ID - These three parameters are required for all Payment Engine API calls. Store them securely and never expose them publicly.
Checkout URL and QR Code Safety
After an order is created, the checkout_url returned by Payment Engine is the entry point for user payment. Protect this checkout link and any QR code generated from it from being replaced in internal workflows, frontend pages, or operations processes.
- Create orders by calling /api/v2/checkout from your server. The frontend should only receive the checkout_url returned by your server, and should not construct checkout links or QR code contents by itself.
- When generating or displaying a payment QR code, use the checkout_url from the current order directly. Do not allow staff to manually replace the QR image or payment address.
- Before redirecting to the checkout page, or on your order confirmation page, show key information such as order_id, order_amount, order_currency, and merchant name so users can verify the payment.
- If your admin system allows staff to view or resend checkout links, restrict permissions, keep operation logs, and avoid exposing the API Key.
- Use verified Payment Engine callbacks and /api/v2/order/info query results as the source of truth for order status. Do not confirm payment only from frontend redirects, screenshots, or manual feedback.
- If the checkout_url, QR code, amount, currency, merchant name, or order ID looks abnormal, pause the order and contact [email protected].