The M-Pesa Express API (STK/NI Push) initiates an online payment on behalf of a customer, providing a seamless payment experience for both businesses and customers. By integrating with this API, businesses can send a payment prompt to a customer’s phone, allowing them to authorize the payment by entering their M-PESA PIN. This eliminates the need to remember business paybill numbers or account numbers.
Endpoint Overview
-
Method:
POST -
URL:
https://sandbox.safaricom.co.ke/mpesa/stkpush/v1/processrequest - Authentication: Requires an access token generated via the Authorization API.
Workflow
The Lipa na M-Pesa Express API works as follows:
- The merchant sets the required parameters and sends the API request.
- The API validates the request and returns an acknowledgment response.
- An STK Push prompt is triggered to the customer’s M-PESA-registered phone number.
- The customer authorizes the payment by entering their M-PESA PIN.
- M-PESA processes the payment by:
- Verifying the customer’s PIN.
- Debiting the customer’s M-PESA account.
- Crediting the merchant’s account.
- M-PESA sends the result to the API Management system, which forwards it to the merchant’s callback URL.
- The customer receives an SMS confirmation.
Request Setup
1. Generate an Access Token
To authenticate your request, first generate an access token using the Authorization API. Learn more about [Authorization API here].
2. Define the Request Body
In your request body, provide the following parameters in JSON format:
{
"BusinessShortCode": "174379",
"Password": "MTc0Mzc5YmZiMjc5ZjlhYTliZGJjZjE1OGU5N2RkNzFhNDY3Y2QyZTBjODkzMDU5YjEwZjc4ZTZiNzJhZGExZWQyYzkxOTIwMTYwMjE2MTY1NjI3",
"Timestamp":"20160216165627",
"TransactionType": "CustomerPayBillOnline",
"Amount": "1",
"PartyA":"254708920430",
"PartyB":"174379",
"PhoneNumber":"254708920430",
"CallBackURL": "https://mydomain.com/path",
"AccountReference":"Test",
"TransactionDesc":"Test"
}
Request Parameter Description
| Parameter | Description | Type | Example Value |
|---|---|---|---|
| BusinessShortCode | The organization's paybill or till number (5-6 digits). | Numeric | 174379 |
| Password | Base64 encoded string (Shortcode + Passkey + Timestamp). | String | base64.encode(Shortcode + Passkey + Timestamp) |
| Timestamp | Transaction timestamp in YYYYMMDDHHMMSS format. |
Timestamp | 20160216165627 |
| TransactionType | Transaction identifier for M-PESA Express. Use CustomerPayBillOnline or CustomerBuyGoodsOnline. |
String | CustomerPayBillOnline |
| Amount | Transaction amount (whole numbers only). | Numeric | 10 |
| PartyA | Customer's M-PESA-registered phone number in 2547XXXXXXXX format. |
Numeric | 254708920430 |
| PartyB | Receiving business shortcode, same as BusinessShortCode. | Numeric | 174379 |
| PhoneNumber | Phone number receiving the STK prompt, same as PartyA. | Numeric | 254708920430 |
| CallBackURL | URL where payment results will be sent. | URL | https://mydomain.com/path |
| AccountReference | Transaction reference displayed to the customer. Max 12 characters. | Alpha-Numeric | Test |
| TransactionDesc | Any additional info or comment for the transaction. Max 13 characters. | String | Test |
Example Response
Upon successful request, the API will return the following response:
{
"MerchantRequestID": "29115-34620561-1",
"CheckoutRequestID": "ws_CO_191220191020363925",
"ResponseCode": "0",
"ResponseDescription": "Success. Request accepted for processing",
"CustomerMessage": "Success. Request accepted for processing"
}
Response Parameters
| Parameter | Description | Type | Example Value |
|---|---|---|---|
| MerchantRequestID | Unique identifier for the payment request. | String | 29115-34620561-1 |
| CheckoutRequestID | Unique identifier for the checkout transaction. | String | ws_CO_191220191020363925 |
| ResponseCode | Status code indicating the request outcome. 0 means successful. |
Numeric | 0 |
| ResponseDescription | Description of the request status. | String | Success. Request accepted for processing |
| CustomerMessage | Message confirming the request status to the customer. | String | Success. Request accepted for processing |
Callback Result
After the transaction is processed, M-PESA will send a callback with the result to the specified CallBackURL.
Successful Result Body
{
"Body": {
"stkCallback": {
"MerchantRequestID": "29115-34620561-1",
"CheckoutRequestID": "ws_CO_011120241020363925",
"ResultCode": 0,
"ResultDesc": "The service request is processed successfully.",
"CallbackMetadata": {
"Item": [
{"Name": "Amount", "Value": 1.00},
{"Name": "MpesaReceiptNumber", "Value": "NLJ7RT61SV"},
{"Name": "TransactionDate", "Value": 20241101102115},
{"Name": "PhoneNumber", "Value": 254708920430}
]
}
}
}
}
Callback Result Description
| Parameter | Description | Type | Example Value |
|---|---|---|---|
| MerchantRequestID | Unique identifier for the payment request. | String | 29115-34620561-1 |
| CheckoutRequestID | Unique identifier for the checkout transaction. | String | ws_CO_191220191020363925 |
| ResultCode | Status code for the transaction. 0 means success, other codes indicate an error. |
Numeric | 0 |
| ResultDesc | Message describing the transaction outcome. | String | The service request is processed successfully. |
| CallbackMetadata | Contains additional transaction details. | JSON Object | |
| Amount | Amount transacted. | Decimal | 1.00 |
| MpesaReceiptNumber | Unique M-PESA transaction ID. | String | NLJ7RT61SV |
| TransactionDate | Date and time of transaction completion in YYYYMMDDHHMMSS format. |
Timestamp | 20241101102115 |
| PhoneNumber | Customer’s phone number. | Numeric | 254708920430 |
Unsuccessful Result Body
If the transaction fails, the callback result will contain the error details, as shown below:
{
"Body": {
"stkCallback": {
"MerchantRequestID": "29115-34620561-1",
"CheckoutRequestID": "ws_CO_191220191020363925",
"ResultCode": 1032,
"ResultDesc": "Request canceled by user."
}
}
}
Error codes Summary
| Error Code | Description | Possible Cause | Solution |
|---|---|---|---|
| 1037 | DS timeout, user unreachable | User has an outdated or offline SIM | Update or replace SIM; ensure phone is online. |
| 1025 | Issue with push request | System error or message too long | Retry request, ensure messaging is under 182 characters, check system functionality. |
| 9999 | General push request error | System issue | Retry and confirm system operation. |
| 1032 | User canceled the request | User did not respond or canceled on their phone | Inform the user and retry if necessary. |
| 1 | Insufficient balance | User lacks funds or declined overdraft | Advise user to add funds or use Overdraft (Fuliza). |
| 2001 | Invalid initiator information | Incorrect password or PIN | Use correct credentials, advise user to enter the correct PIN. |
| 1019 | Transaction expired | Processing delay | Ensure transaction completes promptly. |
| 1001 | Subscriber lock error | Ongoing USSD session, conflicting sessions | Close session, wait 2-3 minutes, retry; contact Safaricom if needed. |
In this example, ResultCode indicates an error (e.g., 1032 means "Request canceled by user").
For any suggestions, comments, or issues encountered during implementation, please let us know to help improve this API guide.
Happy Coding
Top comments (0)