Integrating Daraja 2.0

Licio Lentimo
3 min readApr 11, 2023

In light of the blog post I wrote in 2019, Safaricom upgraded their set of APIs and documentation to a newer version since then. This is an updated version of that post. Kindly make sure you create a Safaricom developer account. Since I was on the previous version, I was prompted to reset my password for the new platform.

Password reset required if you haven’t logged in to the new version yet

I was greeted with a pop up message informing me of the new changes they had made.

Update to M-PESA API

Create New App

I then proceeded to create a new sandbox app and chose Lipa Na M-PESA Sandbox.

Create new app

Once created, you can toggle on and view your consumer key and secret. This is a much smoother way compared to the older version.

New Sandbox app

Lipa Na M-PESA Online API

Lipa na M-PESA online API also known as M-PESA express (STK Push/Network Initiated push) is a Merchant/Business initiated C2B (Customer to Business) Payment. This eliminates the challenge of having to remember business pay bill numbers and account numbers and allows customers to simply confirm the transaction by entering their M-PESA PIN on their devices. According to the documentation on M-PESA Express API, the process to integrate this is as follows:

  1. The Merchant(Partner) captures and sets the API required parameters and sends the API request.

2. The API receives the request and validates it internally first, then sends you an acknowledgment response.

3. Through API Proxy an STK Push trigger request is sent to the M-PESA registered phone number of the customer’s making the payment.

4. The customer confirms by entering their M-PESA PIN.

5. The response is sent back to M-PESA and is processed as below:

a) M-PESA validates the customer’s PIN

b) M-PESA debits the customer’s Mobile Wallet.

c) M-PESA credits the Merchant (Partner) account.

6. Once the request is processed send the RESULTS back to the API Management system which is then forwarded to the merchant via the callback URL specified in the REQUEST.

7. The customer receives an SMS confirmation message of the payment.

Generate an Access Token

For this process, head over to the APIs tab at the top of the page and select Authorization.


Next, on the right hand side select you app from the list of apps in the pop up window. Afterwwards, click on the middle icon that will simulate the request to generate an access token.

Simulate request to generate access token.

Check out this video to help you out with this process.

The process is rather straightforward with this new version of Daraja. You are provided with a sandbox environment to test you credentials and simulate a transaction in the browser. You can copy the code samples from different languages and add them to you app as needed.

Simulation window

You can proceed to Part 2 here where I demonstrate integrating M-PESA in an Android app.



Licio Lentimo

I write content on Android and Web technologies. Currently focusing on Cybersecurity. Find me on