Back to Docs

Sandbox vs Production

ComplianceGrid provides two isolated environments. Sandbox is free and returns mock data for development and testing. Production connects to real government data sources and is billed per call.

Reading time: 3 minLast updated: Feb 2026

Environment Comparison

FeatureSandboxProduction
Base URLsandbox.api.compliancegrid.aiapi.compliancegrid.ai
API Key Prefixcg_sk_cg_pk_
Data SourceMock / canned responsesLive government APIs
BillingFree — no charges$0.01 per API call
Rate Limit60 req/min, 1,000 req/dayBased on subscription tier
OAuth Token Lifetime24 hours1 hour
AES FilingsSimulated — no submissionsReal AES WebLink filings
AI AssistantFull LLM responsesFull LLM responses
Webhook CallbacksLocalhost / test URLs allowedHTTPS required

How Routing Works

The API key prefix determines which environment handles your request. The SDKs detect this automatically — you never need to change the base URL manually.

Sandbox Flow

  1. 1Request sent with cg_sk_ key
  2. 2SDK routes to sandbox.api.compliancegrid.ai
  3. 3Key is validated, sandbox middleware intercepts
  4. 4Canned mock response returned — no external calls

Production Flow

  1. 1Request sent with cg_pk_ key
  2. 2SDK routes to api.compliancegrid.ai
  3. 3Key is validated, subscription + rate limits checked
  4. 4Live data from trade.gov, SEC, FDIC, FDA, FCC, etc.

Sandbox Mock Data

Sandbox responses mirror the exact structure and field names of production responses, but with static sample data. This lets you build and test integrations without incurring costs or hitting real government systems.

sandbox-response.json
# Sandbox response example
{
  "success": true,
  "data": {
    "id": "rps_sandbox_demo",
    "totalPartiesScreened": 1,
    "totalMatches": 3,
    "overallResult": "HIT",
    "results": [
      {
        "party": { "name": "Huawei Technologies", "country": "CN" },
        "matchCount": 3,
        "matches": [
          {
            "source": "Entity List (BIS)",
            "name": "HUAWEI TECHNOLOGIES CO., LTD.",
            "matchScore": 0.97,
            "listType": "ENTITY_LIST"
          }
        ]
      }
    ]
  },
  "meta": { "environment": "sandbox", "note": "Mock data — not from live sources" }
}

What sandbox supports

  • • All 12 API verticals return mock data
  • • AI Assistant returns real LLM responses
  • • OAuth token exchange works normally
  • • Webhook callbacks to any URL
  • • AES filing validation (no submission)

What sandbox does not do

  • • No real government API calls
  • • No AES WebLink submissions to CBP
  • • No billing or charges
  • • No production-level SLA guarantees
  • • Data is static, not real-time

Going to Production

When you're ready to switch from sandbox to production:

  1. 1Go to the Developer Portal and create a Production key (cg_pk_).
  2. 2Add prepaid credits to your account via the Billing page.
  3. 3Replace your sandbox key in environment variables — no code changes needed.
  4. 4The SDK automatically routes to the production endpoint.
  5. 5Monitor usage in the Developer Portal → Usage tab.
Authentication

API keys and OAuth 2.0 flow

Rate Limits

Request limits and quotas

Pricing

$0.01 per call, free sandbox