Testing MPESA Daraja APIs with Postman

M-Pesa is one of the most popular mobile money services in Kenya, and as developers, integrating it into our applications opens up a world of possibilities. This article will walk you through how to test MPESA's Daraja APIs using Postman. We'll cover the essentials, including generating an access token, making API requests for key services like STK Push and Transaction Status, and handling responses effectively. Whether you're just starting or looking to sharpen your API testing skills, this guide will help you get up and running with Daraja in no time.

Setting Up Postman for Daraja API Testing

To begin, you'll need to have a Safaricom developer account. If you don't have one, head over to the Safaricom Daraja Portal and create an account. Once you've signed in, create an app on the portal, and you'll be provided with a Consumer Key and Consumer Secret. These two will be essential for generating the access token required to use the APIs.

In Postman, create a new collection and set up an environment for your API testing. Here, you'll define variables such as the base URL, consumer key, and consumer secret.

Generating an Access Token

The access token is the key to unlocking Daraja's APIs. To get started, create a new request in Postman:

URL: Use the token endpoint https://sandbox.safaricom.co.ke/oauth/v1/generate?grant_type=client_credentials

Authorisation: Select Basic Auth and input your Consumer Key as the username and Consumer Secret as the password.

Send the request. A successful response will include an access token. Save this token in an environment variable to reuse in subsequent requests.

Making API Calls: STK Push Simulation

With the access token ready, you can now test the STK Push service, which is one of the most used APIs.

Endpoint: https://sandbox.safaricom.co.ke/mpesa/stkpush/v1/processrequest

Method: POST.

Headers: Include the Authorisation header as Bearer {{access_token}}

The request body for the Lipa na M-PESA Online Payment API (STK Push) contains key parameters required for processing a transaction:

• BusinessShortCode: Your business Paybill/Till number.

• Password: A secure, base64-encoded string combining BusinessShortCode, PassKey, and Timestamp.

• Timestamp: Time of the transaction in YYYYMMDDHHMMSS format.

• TransactionType: Always CustomerPayBillOnline for STK Push.

• Amount: Payment amount, e.g., 1.

• PartyA: Customer's phone number in international format.

• PartyB: Same as BusinessShortCode.

• PhoneNumber: Same as PartyA.

• CallbackURL: Your server endpoint for M-PESA responses.

• AccountReference: A unique reference for the transaction.

• TransactionDesc: Brief description of the transaction.

Send the request and observe the response. If successful, you'll receive a pop-up on your phone to enter your MPESA PIN and CheckoutRequestID, which you can use for further operations like transaction queries.

Testing M-PESA APIs with Postman simplifies the process of validating requests and responses before integrating them into your application. With proper setup and parameter configuration, you can handle tasks like generating access tokens, initiating payments, and testing callbacks efficiently.

In conclusion, testing MPESA's Daraja APIs with Postman is a straightforward process that empowers developers to seamlessly integrate mobile money services into their applications. By setting up a Safaricom developer account, generating access tokens, and making API requests for services like STK Push, developers can efficiently validate and handle transactions. This guide provides a solid foundation for both beginners and experienced developers to enhance their API testing skills and ensure smooth integration with MPESA's services.

Having trouble with the documentation? Check this out