In order to go LIVE with MPESA through peach payments, you need to provide us with the below credentials. You would have gotten these from MPESA during onboarding.
C2B/ Lipa na M-PESA API
| Config Value | Description |
| Prod-Name | Your production name that is assigned to you by M-PESA |
| PartyB/Shortcode | The Short Code of the Organisation receiving funds |
| Passkey | Required for the base64 encoding that generates the "Password" for the transaction |
| Consumer Key | For the generation of the OAuth access token |
| Consumer Secret | For the generation of the OAuth access token |
B2C/ Refund API
| Config Value | Description |
| Initiator Name | The username used to authenticate the transaction request |
| SecurityCredential | Validates transaction on M-PESA core system |
| PartyA/Shortcode | Organization's shortcode |
| Consumer Key | For the generation of the OAuth access token |
| Consumer Secret | For the generation of the OAuth access token |
If you dont have M-PESE Credentials, you can read the below that gives information on how this can be done.
M-PESA APPLICATION PROCESS:
- Apply for B2C, C2B and B2B short codes. For each application ensure that portal access is also requested as the username is required for Step 2
- After completing testing, upload the test cases Excel spreadsheet attached below in the developer portal: https://developer.safaricom.co.ke/home
- Use this as a guide for the Go Live process: https://developer.safaricom.co.ke/docs#going-live
- The test case document needs to be uploaded separately for the B2C and C2B portals respectively ie. step 2 needs to be done twice for each short code
- Once test cases have been uploaded wait for the M-Pesa Team to approve test cases and provide production API URL's and credentials. Send these credentials to Peach Payments to get started
- Request M-Pesa certificate to allow your organization to access the M-Pesa admin portal following the steps here: https://peternjeru.co.ke/blog/wp-content/uploads/2019/01/How-to-Apply-and-Install-M-PESA-Certificate-Updated.pdf
- Ensure that you've done the following or else step 5 will fail:
Add the Vodafone URL https://vmtke.ca.vodafone.com/certsrv under trusted sites using the steps below:
Tools > Internet options > Security > select trusted sites > select Sites > add the URL > refresh browser and resubmit the certificate request. Then add it under compatibility view settings also by clicking on Tools >Compatibility view settings > Add - Once access to the certificate has been granted. Ensure that the certificate is placed under Personal using the steps below:
Tools > Internet options > Content > Certificates - For the B2C API, a security credential needs to be configured in the portal by following step 5 here
Integration Options:
You can do a custom intergration with MPESA into our Checkout (Hosted Payments Page) or using our Switch.
MPESA can also be used with Shopify, Wordpress, Magento
NB:
M-Pesa Short Codes will be deactivated after 6 months of inactivity
M-Pesa Login accounts will be locked 30 days of inactivity