SquareOS Docs
Start Here

Provider Portal Extraction Checklist

Provider portal extraction checklist is the setup worksheet for copying exact values from Razorpay, Meta, SMS vendors, POS vendors, and access-control portals into SquareOS Admin before live certification starts.

What this page is for

Provider portal extraction checklist is the setup worksheet for copying exact values from Razorpay, Meta, SMS vendors, POS vendors, and access-control portals into SquareOS Admin before live certification starts.

Who should use it

Owners, implementation, platform admin, finance, communications admin, support

Where to find it

Provider portal values to copy into SquareOS Admin integration settings

Before you start

  • Provider portal extraction checklist: complete one extraction row before saving or editing any live provider credential in SquareOS Admin.
  • Provider portal extraction rows must record provider portal path, copied value, SquareOS field, owner, masked secret handling, verification action, and launch evidence row id.
  • Razorpay portal values: Dashboard mode, Key ID, Key Secret, Webhook URL, Webhook Secret, subscribed payment/payment_link/refund/settlement/dispute events, merchant/account reference, and enabled checkout/payment-link/mandate/refund capabilities.
  • Meta WhatsApp portal values: Business portfolio, app id, app secret, WhatsApp Business Account ID, phone number ID, display phone number, system-user access token, webhook callback URL, verify token, subscribed messages/statuses fields, and approved template names/languages/variables.
  • Facebook Leads portal values: Meta app id, app secret, business, Page id, form id, ad account/campaign/ad identifiers when available, Page access token or system-user token, leadgen webhook subscription, verify token, and lead testing tool result.
  • MSG91 portal values: Authkey, approved sender ID/header, DLT Entity ID when applicable, DLT Template ID, MSG91 template/flow id, route/account reference, and delivery callback URL/token.
  • Exotel portal values: Account SID, API Key, API Token, sender ID, DLT Entity ID, DLT Template ID, API domain/cluster, and status callback URL/token.
  • Email portal values: Amazon SES region, verified identity, DKIM/SPF/DMARC or MAIL FROM state, sandbox/live state, access key id, secret access key reference, configuration set, SNS topic ARN, webhook verify token, SMTP host/port/TLS flag, SMTP username/password reference, and certified adapter callback URL/token.
  • POS terminal portal values: Razorpay POS device id and signature secret, Paytm MID/TID/POS_ID and merchant key or checksum setup, Pine Labs Plutus client/store/terminal/reference id and callback signature secret or adapter token.
  • Access hardware portal values: Matrix COSEC controller/device/site/group id and push/API mode, ZKTeco device serial or ZKBioTime/BioTime API endpoint and user identifier format, Suprema BioStar/BioStar X device id/door/access group/user identifier format, event callback token/signature, and command endpoint URL.
  • Secrets are copied only into SquareOS Admin write-only credential fields or the approved secret manager reference. Screenshots, launch notes, support tickets, and mobile readiness cards must show masked values or references only.
  • A provider cannot move to live certification until extraction identifies the tenant, gym/location, provider account/device, owner, portal path, SquareOS field, and verification action for every required value.

Daily workflow

  • Open the provider dashboard and confirm the environment first. For Razorpay, use the dashboard mode switch so test keys are never copied into the live tenant or live keys into a test tenant.
  • For Razorpay, go to Account and Settings / API Keys to create or view Key ID and Key Secret, then go to Webhooks to add the SquareOS webhook URL, set the webhook secret, and subscribe to payment, payment_link, refund, settlement, and dispute events used by the gym.
  • In SquareOS, open Admin / Razorpay Setting and enter provider Razorpay, account name, merchant reference, key ID, write-only key secret, webhook secret, test or live mode, checkout, payment-link, mandate, and refund capabilities. Save, then run the low-value payment certification from Live Provider Certification Evidence.
  • For Meta WhatsApp, open Meta Developers, select the production app, review WhatsApp API Setup for the WhatsApp Business Account ID, phone number ID, and display phone number, then open Webhooks/Configuration for callback URL, verify token, and messages/statuses subscriptions.
  • For Meta WhatsApp tokens, use Business Settings / Users / System users to create or select the approved system user, assign the WhatsApp Business Account and required app assets, generate the access token, and paste only the token value into SquareOS Admin or the approved secret reference.
  • For WhatsApp templates, open WhatsApp Manager / Message templates, record the approved template name, language, category, body variables, header/footer/buttons, and rejection or quality warnings, then run template sync from SquareOS WhatsApp Setting.
  • For Facebook Leads, open Meta Developers / App Dashboard / Webhooks and subscribe the app to leadgen, then open Business/Page settings to confirm the Page, form, system-user or Page token, and permissions used by SquareOS.
  • Use the Meta Lead Ads Testing Tool or a real test form to capture the lead testing result. In SquareOS, map Page, form, source, campaign/ad identifiers when available, duplicate policy, owner mapping, and webhook verify token before certifying lead creation.
  • For MSG91, open the SMS panel for Authkey, approved sender ID/header, DLT Entity ID, DLT Template ID, MSG91 template/flow id, route/account, and delivery callback URL/token. In SquareOS MSG91 Setting, store Authkey/token as the credential reference and map each template/DLT id to the message use case.
  • For Exotel, open Dashboard Settings / API Settings and SMS/DLT screens for Account SID, API Key, API Token, sender ID, DLT Entity ID, DLT Template ID, API domain/cluster, and status callback URL/token. In SquareOS MSG91 Setting with provider Exotel, map Account SID as external account and keep API token write-only.
  • For Amazon SES, open AWS Console / Amazon SES in the sending region, verify the domain or sender email, confirm DKIM/SPF/DMARC or MAIL FROM setup, record sandbox/live state, configuration set, access key id, secret access key reference, SNS topic ARN, event publishing or notification events, webhook verify token, and the SquareOS SES webhook URL.
  • For SMTP, open the provider relay/admin panel for host, port, TLS requirement, username, password or secret reference, from address, reply-to address, provider message id availability, certified adapter callback URL, and webhook token. In SquareOS Email Setting, store host/port/secure in provider config and username/password only as credentials or secret references.
  • For POS terminals, open the vendor portal or onboarding sheet for Razorpay POS device id and signature secret, Paytm MID/TID/POS_ID and merchant key/checksum setup, or Pine Labs Plutus client/store/terminal/reference id and callback signature secret/adapter token. Register each device in Admin / POS Terminal Setting with the exact gym location.
  • For access hardware, open Matrix COSEC, ZKTeco/ZKBioTime/BioTime, or Suprema BioStar/BioStar X admin for controller/device/site/group id, device serial, command endpoint URL, event callback token or signature, user identifier format, access group, and push/API mode. Register each physical gate in Admin / Biometric Setting with location and safe/fake mode status.
  • After saving each provider, run the relevant Verify, Sync, Test send, Test lead, Terminal handoff, or Access command action and attach the resulting certification evidence row id back to the extraction row.

Watch out

  • Do not invent missing portal values. If a dashboard layout changed or a value is unavailable, mark the extraction row Blocked, record the portal path attempted, and raise the provider/onboarding issue before staff training.
  • Do not reuse one provider credential for multiple tenants, brands, Pages, phone numbers, terminals, or access devices unless the provider contract and SquareOS tenant mapping explicitly allow it.
  • Do not mark a setup complete from portal screenshots alone. The extraction checklist proves what was copied; the certification evidence proves the provider actually sent a signed/token-verified callback and SquareOS updated the correct records.
  • Do not expose provider secrets to mobile apps, support screenshots, launch trackers, or staff chat. Use masked secret handling in every extraction row and use read-only readiness summaries outside Admin.
  • When a vendor uses a partner-managed portal or support ticket instead of a self-serve screen, record the partner ticket id, approver, received value, SquareOS field, and verification action in the same extraction row format.
  • Use the left menu to open related pages in Start Here.
  • Use Ask Docs for questions that are already covered in this public documentation.

On this page