MPESA consumer, secret and passkeys {Safaricom M-pesaWeBPortal} for API integration {Daraja 2.0}

0 0
Read Time:7 Minute, 50 Second

 

 We are attempting to get the following 4 things:

  • Paybill or Till number / Store number (in case you are using a Till number)
  • M-PESA consumer key
  • M-PESA secret key
  • M-PESA passkey

Prerequisites

  • Internet Browser
  • Paybill or Till number (with withdraw to bank option)
  1. Obtain Admin Access to the G2 Portal

Safaricom has a portal known as the G2 portal which Paybill users can access their accounts. The link can be found here: https://org.ke.m-pesa.com/orglogin.action
However, you need to request access by filling out the following form:

  • Mpesa Business Admin Account Activation Request Tempate –PDF Format
  • MPESA Business Admin Account Activation Request Template –Word Format

Ensure it is signed and stamped by all the directors (single director if it’s a sole proprietorship). Attach copies of all your IDs and include a board resolution requesting for an Admin account (Also signed and stamped). Send the documents to: M-PESABusiness@safaricom.co.ke.

2. Setting up Web Operators

Prior to the current set up, Safaricom required you obtain a certificate so you can access the site. This has thankfully been abandoned in exchange for an OTP sent to the Admin’s phone number. After receiving your Admin credentials we now have to login to the platform and set up our account.

Login screen for Safaricom’s G2 Platform.

Input the OTP (One Time Passcode) sent to your phone number:

OTP input screen

Once you have logged in, click on the Browse Organization Section

Browse Organization Section of the platform

We now proceed to add an operator. Click on Operator and then add

Add Operator Screen on the Safaricom G2 Portal

We need to create an API User (API operator). Proceed to select API under Access channel as shown below and click Next:

Fill in an API Username

Under Rule Profile, be sure to select Web Operator Rule Profile:

Select Web Operator Rule profile

Next, it’s time to select the permissions of the API user. Click on Add just below and select the following permissions:

API user permissions
  • Org B2C API initiator
  • Bundle Purchase Org initiator
  • Balance Query ORG API
  • B2B Org API initiator
  • Transaction Status Query ORG API

Of course, these permissions can be adjusted depending on your particular use case. If you are unsure, however, use the above list. Proceed to the Next step.

The next screen is a KYC screen (Know Your Customer). Ensure all the details filled are correct. Most importantly under the Preferred Notification Channel, select SMS. Input the phone number of choice and proceed next. Use the following format: 254722123456.

Pay attention to the phone number format.

Click on Submit to finally create your API User.

We now need to create a Web Operator to access the platform later.

Please Note:

Web Operators have a default password expiry period after 90 days. Be sure to regularly change your web operator password or your account will go dormant, and you’ll have to contact Safaricom to activate it.

Click on Operators and Add once again 🙂

It’s time to add another User, yay!

Select the Web Access Channel now.

select the Web Access Channel now

Enter a memorable Username, be sure to take note of it. We’ll need this to login to the account later.

Enter a Web Username. Be sure to note it down for later.

Under Rule Profile, select the Web Operator Rule Profile:

Select the Web Operator Rule Profile

It’s time to assign permissions to our new user. Select Add and now we Add a series of new roles.

Permission List available

The permissions I would recommend you add are the following:

  • Business Manager
  • Business Web Operator
  • Balance Query Org API
  • Set Restricted Org API Password
  • Transaction Status Query Org API

Ensure the Set Restricted Org API PASSWORD permission is selected. We will make use of it in a little while.

Hit Next and proceed to the KYC screen:

KYC screen, be sure to input correct details

Remember to use the number format 254XXXYYYYYY and SMS as your Preferred Notification Channel.

Click on Submit to finally create your web operator.

You will receive an SMS on the number you listed containing your Username and Password. This password is temporary and you will be required to change it once you input it. So let’s log out and log in with the details provided.

Ignore the red icons, that’s my password manager doing it’s job 🙂

Pick a memorable but secure password. Next, we login to our web operator user with our password.

You will notice the platform has a couple of extra tabs. Let’s make use of one of them. Navigate to Search and click on Operator.

It’s time to search for an Operator.

Our goal is to assign a password to our newly created API User.

On this Operator screen, search for your API user that you created earlier and click on search. Remember the first user we created?

Fill in the Username of the API User

Once the search is successful, the user should show up. Click on the notepad icon at the very end of the user to edit the details shown below.

Click on the highlighted icon.

The API User profile screen should show up. We can edit most details as we see fit including assigning or revoking permissions. However, in our case, we are only interested in assigning a new password.

User Profile Screen on Safaricom G2 Platform

Click on Set Password and set a secure but memorable password for your API user.

Set a memorable but secure password.

Please Note:

Unlike the Web Operators the API User Passwords do not have an expiry date. I would highly recommend you follow this password guide to help you set up a secure password.

We are now done with the first part of setting up the keys. Take note of the users we have created; we will use them in the next step.

3) Setting Up the Safaricom Daraja Portal

We now have to assign those users to a Safaricom developer account. It’s time to visit the following URL: Daraja — Safaricom Developers’ Portal

We need to sign up for a Safaricom Developer account.

Sign up for a Safaricom Daraja portal account.

Please Note:

This process can be pretty frustrating because Safaricom sends you an OTP to verify your account with a pretty short expiry window. It doesn’t help that there’s sometimes delays, so the emails may arrive late. If this happens just keep retrying until you get it right.

Once we have sign up for a new account it is time to go back to the login and login to the account. Once you do, you’ll be greeted by the following Dashboard page.

Safaricom Daraja Dashboard

Click on the Go Live section. Fill in the details required, which include:

  • The Organization Short Code (Paybill Number / Store Number if it’s a till).
  • The Organization Name (Use the exact name that shows up on the Safaricom G2 Platform).
  • M-PESA Username (I would recommend you use the Web Operator User we just created).
Go Live Safaricom Developer Portal Screen

Accept the terms and conditions and proceed to the next step. Previously we required User testcases but that was thankfully removed (phew!). You will then receive an OTP and asked to select a product. You might as well check everything available.

I can only show the Sandbox screen because I already have an existing app.

Once that is done, you can now create an app (An app provides the credentials necessary). It may take some time for it to be approved. Once done, to view the app created, click on the highlighted dropdown.

Click on the drop down and select your company name.

You’ll now view the app details as shown below

Your app should be green and not red, this one is inactive for use in this tutorial.

Congratulations!!! You now have the consumer key and consumer secret, however we still need the passkey. Fortunately, the pass key will be emailed to you a little later after the app is activated. Be sure to check all folders including spam to find it.

Please Note:

Unfortunately, there’s a bizarre error that occurs if you received your Paybill earlier than the creation of this V2 platform especially if you received the pass key a little earlier. Some V2 apis do not work! You will have to change the url to include v1 to account for this. If you are in a position where you don’t know how long ago the customer Paybill was created, account for both scenarios e.g.

Try the first url: https://api.safaricom.co.ke/mpesa/c2b/v1/registerurl

if it fails, switch to v2: https://api.safaricom.co.ke/mpesa/c2b/v2/registerurl

Hopefully this helps a couple of those devs out there who don’t know why some Paybills are not working.

With that you are now done. Feel free to reach out if you encounter any issue and best of luck on your application!

 

Loading

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

About Author

  • Related Posts

    [Continuation} : five current global situations and how making Physics and Geography compulsory in education could provide solutions

    1. Situation: Climate Change and Global Warming Problem: Rising global temperatures, melting polar ice caps, and extreme weather events are wreaking havoc on ecosystems and human communities. Many people lack…

    Loading

    Read more

    Continue reading

    Average Rating

    5 Star
    0%
    4 Star
    0%
    3 Star
    0%
    2 Star
    0%
    1 Star
    0%

    Incase you missed

    [Continuation} : five current global situations and how making Physics and Geography compulsory in education could provide solutions

    [Continuation} : five current global situations and how making Physics and Geography compulsory in education could provide solutions

    [Continuation]: Current Challenges in Making Physics and Geography Compulsory

    [Continuation]: Current Challenges in Making Physics and Geography Compulsory

    [Resource] : Why Physics and Geography Should Be Compulsory Like Mathematics in Education

    [Resource] : Why Physics and Geography Should Be Compulsory Like Mathematics in Education

    Explainer : What Proxies are and their usage

    Explainer : What Proxies are and their usage

    MPESA consumer, secret and passkeys {Safaricom M-pesaWeBPortal} for API integration {Daraja 2.0}

    MPESA consumer, secret and passkeys {Safaricom M-pesaWeBPortal} for API integration {Daraja 2.0}

    [LINKTREE] 2024 PAST PAPERS , NOTES ,RESOURCE,REVISION,EXAMINATIONS

    [LINKTREE] 2024 PAST PAPERS , NOTES ,RESOURCE,REVISION,EXAMINATIONS

    2024 PAST PAPERS , NOTES ,RESOURCE,REVISION,EXAMINATIONS

    2024 PAST PAPERS , NOTES ,RESOURCE,REVISION,EXAMINATIONS

    Shipbrokers Breach of Authority

    Shipbrokers Breach of Authority

    Explain classification of law

    Explain classification of law

    Maritime Terms, Abbreviations and Acronyms [Shipping Terms – Searchable]

    Maritime Terms, Abbreviations and Acronyms [Shipping Terms – Searchable]

    Maritime Terms, Abbreviations and Acronyms [ Shipping Terms]

    Maritime Terms, Abbreviations and Acronyms [ Shipping Terms]

    KCB BANK CODES ACROSS KENYA BY REGION tabular

    KCB BANK CODES ACROSS KENYA BY REGION tabular

    Optimizing Container Stowage Plan for Efficient Cargo Placement on Ships

    Optimizing Container Stowage Plan for Efficient Cargo Placement on Ships

    Choosing Between Managed and Unmanaged Services

    Choosing Between Managed and Unmanaged Services

    Differences Between Managed and UnManaged Services

    Differences Between Managed and UnManaged Services

    How to check KRA PIN using BRS (Ecitizen)

    How to check KRA PIN using BRS (Ecitizen)

    HTML ERROR MESSAGES

    HTML ERROR MESSAGES

    DISCUSS THE SYSTEM OF COURTS IN KENYA

    DISCUSS THE SYSTEM OF COURTS IN KENYA

    GLOSSARY ON INTERNET TERMS

    GLOSSARY ON INTERNET TERMS

    KEYBOARD SHORTCUTS

    KEYBOARD SHORTCUTS

    NESTICT LMS: INTERNET NOTES

    NESTICT LMS: INTERNET NOTES

    REPORTED SPEECH

    REPORTED SPEECH

    [Explainer]: NVMe storage, SSD (SATA SSD), and HDD

    [Explainer]: NVMe storage, SSD (SATA SSD), and HDD

    SSD vs HDD: What’s the difference?

    SSD vs HDD: What’s the difference?

    Enabling Hyper-V on Windows 10

    Enabling Hyper-V on Windows 10

    Discussion : Windows 10 Virtualization

    Discussion : Windows 10 Virtualization

    BLUETOOTH LAN NETWORK

    BLUETOOTH LAN NETWORK

    PROS CONS AND WAYS OF INVESTING IN BITCOIN

    PROS CONS AND WAYS OF INVESTING IN BITCOIN

    What is a cloud service provider

    What is a cloud service provider

    Application Service Provider (ASP) Meaning

    Application Service Provider (ASP) Meaning

    POSTAL CODES – Updated as at July 2024 – PDF

    POSTAL CODES – Updated as at July 2024 – PDF

    POSTAL CODES – Updated as at July 2024

    POSTAL CODES – Updated as at July 2024

    Check your disk space use with the Linux df command

    Check your disk space use with the Linux df command

    Best Places to get Accounting Internship Opportunities

    Best Places to get Accounting Internship Opportunities

    Top Kenyan Based Companies to apply for internship

    Top Kenyan Based Companies to apply for internship

    Credit Scores Quickk FAQs

    Credit Scores Quickk FAQs

    Credit Score Ranges: What Do They Mean?

    Credit Score Ranges: What Do They Mean?

    RANDOMIZING PHONE NUMBERS IN EXCEL

    RANDOMIZING PHONE NUMBERS IN EXCEL

    [Updated 2024] – Passport Application FOR CHILDREN ONLY(PERSONS UNDER 18 YEARS)

    [Updated 2024] – Passport Application FOR CHILDREN ONLY(PERSONS UNDER 18 YEARS)

    [Updated 2024] -Passport Application FOR ADULTS ONLY-PERSONS OVER 18 YEARS

    [Updated 2024] -Passport Application FOR ADULTS ONLY-PERSONS OVER 18 YEARS

    Understanding Tires Load Index vs Load Range on Car Tires

    Understanding Tires Load Index vs Load Range on Car Tires

    Computer Bus: Video

    Computer Bus: Video

    Computer Bus

    Computer Bus

    Types of Computer Network Topology Explained With Diagrams

    Types of Computer Network Topology Explained With Diagrams

    The Functions of PCI Slots

    The Functions of PCI Slots

    Complementary Metal Oxide Semiconductor – CMOS

    Complementary Metal Oxide Semiconductor – CMOS

    The Computer Motherboard and Its Components Explained

    The Computer Motherboard and Its Components Explained

    AI in Education is Best Experiences

    AI in Education is Best Experiences

    Harnessing the Power of Wind Energy

    Harnessing the Power of Wind Energy

    The Golden Gate’s Timeless Majesty

    The Golden Gate’s Timeless Majesty

    Rise of Competitive Video Gaming

    Rise of Competitive Video Gaming

    Ultimate Sports Ground Experience

    Ultimate Sports Ground Experience

    Global Ocean Cleanup Initiatives

    Global Ocean Cleanup Initiatives

    The Enduring Appeal of Gaming Classics

    The Enduring Appeal of Gaming Classics

    The Art of Mindful Eating

    The Art of Mindful Eating

    Classic Video Games Making a Comeback

    Classic Video Games Making a Comeback

    Sustainable Travel for Eco-Friendly Tourism

    Sustainable Travel for Eco-Friendly Tourism

    Mind-Body Connection for Meditation

    Mind-Body Connection for Meditation

    Future of Work Like Remote Collaboration Tools

    Future of Work Like Remote Collaboration Tools

    Innovations in 3D Printing

    Innovations in 3D Printing