If you’re building a digital payment solution in Kenya, integrating Safaricom’s MPESA is almost unavoidable. The Daraja API provides a powerful way to send and receive MPESA payments from your web or mobile applications.
While testing your application in the sandbox is fairly straightforward, going live on MPESA Daraja requires a few additional steps and a bit of patience. This guide walks you through everything you need to move from testing to live transactions.
Prerequisites Before You Go Live
Before you even think of applying for live credentials, make sure you have:
- A working integration in the sandbox (tested and functioning without errors).
- A registered and verified Paybill or Till Number.
- An active developer account on the Safaricom Developer Portal.
- A publicly accessible URL (https) to receive callbacks (you can use services like Ngrok for local testing or host your app on a VPS/shared host).
Step 1: Test Your Integration in the Sandbox
Use the test credentials provided in your Daraja account to simulate payments via:
- Lipa Na MPESA Online (STK Push)
- C2B (Customer to Business)
- B2C (Business to Customer)
- B2B (Business to Business)
- Transaction Status, Reversal, Account Balance APIs
Ensure:
- Your callback URLs (for
TimeoutURL,ResultURL,ConfirmationURL,ValidationURL) are responding correctly. - You’re receiving and parsing the payload as per MPESA’s format.
- You’re returning the correct 200 OK responses with valid
ResultCodeandResultDesc.
Step 2: Submit a Go Live Request
Once you’re confident that your sandbox integration works, it’s time to apply for production access.
- Go to: https://developer.safaricom.co.ke
- Login and click “Go Live” on your app.
- You’ll be prompted to fill in:
- Paybill/Till Number
- Organization Name
- Use Case (STK Push, C2B, etc.)
- Callback URLs
- Terms & Conditions Agreement
- Upload your test cases for review (this is often a list or document of what you tested and how).
Tip: If you’re working on behalf of a client, you might need a letter of authorization or business documentation.
Step 3: Await Approval and Receive Live Credentials
If everything is okay, Safaricom will review your request and issue you live credentials. These include:
- Live Consumer Key and Consumer Secret
- Live shortcode or Till/PB number linked to your app
- Security Credential (a base64 encrypted version of your initiator password)
You’ll receive them via email or in your developer dashboard.
Step 4: Generate Security Credentials
For B2C/B2B/Account Balance/Reversal APIs, you need a security credential, which is an encrypted version of the initiator password.
Use the Daraja Security Credential Tool or encrypt it using OpenSSL:
bashCopyEditopenssl rsautl -encrypt -inkey sandbox_cert.cer -pubin -in plain.txt -out enc.txt
Step 5: Update Your Code with Live Credentials
Replace your sandbox credentials with the live ones:
- Use the live endpoint:
https://api.safaricom.co.ke/ - Update:
- Consumer Key & Secret
- Shortcode
- Passkey (for STK Push)
- Security Credential
- Ensure your callback URLs are public and served over HTTPS.
Step 6: Test in Production
Now that your app is live:
- Perform a small live transaction to test.
- Confirm:
- You’re receiving callbacks correctly.
- Your database updates are accurate.
- Logging and error handling are in place.
Pro Tips for a Smooth Launch
- Keep logs of every transaction, especially in the early stages.
- Implement retry logic in case of failed callbacks.
- Safaricom often takes 24-72 hours to approve live requests.
- Join the Safaricom Developer Community or Telegram groups for help and quick feedback.
Final Thoughts
Going live on MPESA Daraja is a critical step in launching a reliable payment solution for your app. While the process can feel bureaucratic at times, following these steps ensures you’re fully prepared and compliant with Safaricom’s requirements.
If you’re looking to speed up your MPESA integration or need a custom Daraja plugin/API wrapper, reach out — we’ve helped multiple businesses go live seamlessly.
Happy coding, and welcome to the MPESA ecosystem!