DEV Community

Sospeter Mong'are
Sospeter Mong'are

Posted on

M-Pesa Express (STK Push) API Guide

The M-Pesa Express API (STK/NI Push) initiates an online payment on behalf of a customer, providing a seamless payment experience for both businesses and customers. By integrating with this API, businesses can send a payment prompt to a customer’s phone, allowing them to authorize the payment by entering their M-PESA PIN. This eliminates the need to remember business paybill numbers or account numbers.


Endpoint Overview

  • Method: POST
  • URL: https://sandbox.safaricom.co.ke/mpesa/stkpush/v1/processrequest
  • Authentication: Requires an access token generated via the Authorization API.

Workflow

The Lipa na M-Pesa Express API works as follows:

  1. The merchant sets the required parameters and sends the API request.
  2. The API validates the request and returns an acknowledgment response.
  3. An STK Push prompt is triggered to the customer’s M-PESA-registered phone number.
  4. The customer authorizes the payment by entering their M-PESA PIN.
  5. M-PESA processes the payment by:
    • Verifying the customer’s PIN.
    • Debiting the customer’s M-PESA account.
    • Crediting the merchant’s account.
  6. M-PESA sends the result to the API Management system, which forwards it to the merchant’s callback URL.
  7. The customer receives an SMS confirmation.

Request Setup

1. Generate an Access Token

To authenticate your request, first generate an access token using the Authorization API. Learn more about [Authorization API here].

2. Define the Request Body

In your request body, provide the following parameters in JSON format:

{
   "BusinessShortCode": "174379",
   "Password": "MTc0Mzc5YmZiMjc5ZjlhYTliZGJjZjE1OGU5N2RkNzFhNDY3Y2QyZTBjODkzMDU5YjEwZjc4ZTZiNzJhZGExZWQyYzkxOTIwMTYwMjE2MTY1NjI3",
   "Timestamp":"20160216165627",
   "TransactionType": "CustomerPayBillOnline",
   "Amount": "1",
   "PartyA":"254708920430",
   "PartyB":"174379",
   "PhoneNumber":"254708920430",
   "CallBackURL": "https://mydomain.com/path",
   "AccountReference":"Test",
   "TransactionDesc":"Test"
}
Enter fullscreen mode Exit fullscreen mode

Request Parameter Description

Parameter Description Type Example Value
BusinessShortCode The organization's paybill or till number (5-6 digits). Numeric 174379
Password Base64 encoded string (Shortcode + Passkey + Timestamp). String base64.encode(Shortcode + Passkey + Timestamp)
Timestamp Transaction timestamp in YYYYMMDDHHMMSS format. Timestamp 20160216165627
TransactionType Transaction identifier for M-PESA Express. Use CustomerPayBillOnline or CustomerBuyGoodsOnline. String CustomerPayBillOnline
Amount Transaction amount (whole numbers only). Numeric 10
PartyA Customer's M-PESA-registered phone number in 2547XXXXXXXX format. Numeric 254708920430
PartyB Receiving business shortcode, same as BusinessShortCode. Numeric 174379
PhoneNumber Phone number receiving the STK prompt, same as PartyA. Numeric 254708920430
CallBackURL URL where payment results will be sent. URL https://mydomain.com/path
AccountReference Transaction reference displayed to the customer. Max 12 characters. Alpha-Numeric Test
TransactionDesc Any additional info or comment for the transaction. Max 13 characters. String Test

Example Response

Upon successful request, the API will return the following response:

{
   "MerchantRequestID": "29115-34620561-1",
   "CheckoutRequestID": "ws_CO_191220191020363925",
   "ResponseCode": "0",
   "ResponseDescription": "Success. Request accepted for processing",
   "CustomerMessage": "Success. Request accepted for processing"
}
Enter fullscreen mode Exit fullscreen mode

Response Parameters

Parameter Description Type Example Value
MerchantRequestID Unique identifier for the payment request. String 29115-34620561-1
CheckoutRequestID Unique identifier for the checkout transaction. String ws_CO_191220191020363925
ResponseCode Status code indicating the request outcome. 0 means successful. Numeric 0
ResponseDescription Description of the request status. String Success. Request accepted for processing
CustomerMessage Message confirming the request status to the customer. String Success. Request accepted for processing

Callback Result

After the transaction is processed, M-PESA will send a callback with the result to the specified CallBackURL.

Successful Result Body

{
   "Body": {
      "stkCallback": {
         "MerchantRequestID": "29115-34620561-1",
         "CheckoutRequestID": "ws_CO_011120241020363925",
         "ResultCode": 0,
         "ResultDesc": "The service request is processed successfully.",
         "CallbackMetadata": {
            "Item": [
               {"Name": "Amount", "Value": 1.00},
               {"Name": "MpesaReceiptNumber", "Value": "NLJ7RT61SV"},
               {"Name": "TransactionDate", "Value": 20241101102115},
               {"Name": "PhoneNumber", "Value": 254708920430}
            ]
         }
      }
   }
}
Enter fullscreen mode Exit fullscreen mode

Callback Result Description

Parameter Description Type Example Value
MerchantRequestID Unique identifier for the payment request. String 29115-34620561-1
CheckoutRequestID Unique identifier for the checkout transaction. String ws_CO_191220191020363925
ResultCode Status code for the transaction. 0 means success, other codes indicate an error. Numeric 0
ResultDesc Message describing the transaction outcome. String The service request is processed successfully.
CallbackMetadata Contains additional transaction details. JSON Object
Amount Amount transacted. Decimal 1.00
MpesaReceiptNumber Unique M-PESA transaction ID. String NLJ7RT61SV
TransactionDate Date and time of transaction completion in YYYYMMDDHHMMSS format. Timestamp 20241101102115
PhoneNumber Customer’s phone number. Numeric 254708920430

Unsuccessful Result Body

If the transaction fails, the callback result will contain the error details, as shown below:

{
   "Body": {
      "stkCallback": {
         "MerchantRequestID": "29115-34620561-1",
         "CheckoutRequestID": "ws_CO_191220191020363925",
         "ResultCode": 1032,
         "ResultDesc": "Request canceled by user."
      }
   }
}
Enter fullscreen mode Exit fullscreen mode

Error codes Summary

Error Code Description Possible Cause Solution
1037 DS timeout, user unreachable User has an outdated or offline SIM Update or replace SIM; ensure phone is online.
1025 Issue with push request System error or message too long Retry request, ensure messaging is under 182 characters, check system functionality.
9999 General push request error System issue Retry and confirm system operation.
1032 User canceled the request User did not respond or canceled on their phone Inform the user and retry if necessary.
1 Insufficient balance User lacks funds or declined overdraft Advise user to add funds or use Overdraft (Fuliza).
2001 Invalid initiator information Incorrect password or PIN Use correct credentials, advise user to enter the correct PIN.
1019 Transaction expired Processing delay Ensure transaction completes promptly.
1001 Subscriber lock error Ongoing USSD session, conflicting sessions Close session, wait 2-3 minutes, retry; contact Safaricom if needed.

In this example, ResultCode indicates an error (e.g., 1032 means "Request canceled by user").


For any suggestions, comments, or issues encountered during implementation, please let us know to help improve this API guide.

Happy Coding

Top comments (0)