# Get started br ## Payments overview Our article will cover some foundational understanding of online payment processing. This is a good start, if you're new to the payment industry. How to accept online payments An overview of online payment basics. br ## API principles Before you start integrating, you should make yourself familiar with our [API principles](/access/products/reference/api-principles/). This page outlines the standards to work with our APIs. Our design is RESTful, meaning our APIs are structured around resources and use standard HTTP methods (GET, POST, PUT, DELETE) to interact with those resources. After reading this, you should have a good understanding of versioning, non-breaking definitions and best practices allowing your integration to be resilient. ## Integration options We offer four different ways to take payments depending on the control over the payment flow you want to have: 1. [Plugins](/access/products/plugins) Our pre-built **no-code** option to add payment processing capabilities to your website. 2. [Hosted Payment Pages](/access/products/hosted-payment-pages) Our **low-code** redirect integration taking the PCI compliance burden off you. 3. [Payments API](/access/products/payments) Our **medium-code** direct integration with the option of using an [SDK](/access/products/checkout/) to lower PCI compliance burden. This API is an orchestration service combining some of our modular APIs. 4. [Modular APIs](/access/products/modular) Our **high-code** direct integration giving you full control over your payment flow by sending individual requests to our APIs. You also have th option to use an [SDK](/access/products/checkout/) to lower the PCI compliance burden. To get a more detailed understanding and make the right choice for your business, take a look at our [capability comparison](/access/products/payments/selection). ## Prerequisites and best practice * ### Credentials To authenticate your merchant details, when sending a request to our APIs, you must supply credentials. If you haven't got these already, you can contact your Implementation Manager. * ### DNS Whitelisting Whitelist the following URLs: * `https://try.access.worldpay-bsh.securedataplatform.com/` * `https://access.worldpay-bsh.securedataplatform.com/` Please ensure you use DNS whitelisting not explicit IP whitelisting as we might change our IP addresses. * ### WP-CorrelationId logging We return a `WP-CorrelationId` in the headers of service responses. We **highly recommend** you log this as we can use it to examine individual requests. * ### Security Familiarize yourself with our [security best practices](/access/products/reference/security/). ## Testing and go live Before you're [going live](/access/products/reference/go-live/) you should test your integration in our Try environment `try.access.worldpay-bsh.securedataplatform.com` Each service has their own testing mechanism and magic values. You can navigate to the respective test pages [here](/access/products/testing/). ### Rate limiting Our Try environment supports manual, functional testing, not performance or automated testing. We restrict every merchant to 10 requests per second. If you exceed this limit, you will start seeing `429` errors (too many requests). You must wait up to 5 minutes for us to permit your requests again. Additionally, you must keep the number of requests below the rate limit to ensure you don't continue to receive this response. Rate limiting is per merchant, so if another merchant exceeds the rate limit, it will not impact you. ***Got a question not covered here? Ask our AI search in the top right corner.***