Post RequestPesapal's API Authentication requests are done via a POST request.
Your Pesapal merchant consumer_key and consumer_secret will be used to generate an access token.
This access token is valid for a maximum period of 5 minutes. Use this token (sent as a Bearer Token) to access all other Pesapal API 3.0 endpoints.
The URL to our token generation API is either:
Accept: The response format, which is required for operations with a response body.
Content-Type: The request format, which is required for operations with a request body.
| Parameter | Required | Description |
|---|---|---|
| Accept | Required |
Should be set to application/json |
| Content-Type | Required |
Should be set to application/json |
Your live/production consumer_key and consumer_secret will be sent to your merchant email on opening a business/merchant account.
Please click here to open a live/production business account.
| Parameter | Type | Required | Description |
|---|---|---|---|
| consumer_key | String | Required |
The consumer_key parameter must be set to merchant consumer_key |
| consumer_secret | String | Required |
The consumer_secret parameter must be set to merchant consumer_secret. |
{
"consumer_key": "xxxxx",
"consumer_secret": "xxxxxx"
}
| Name | Type | Description |
|---|---|---|
| token | String | The access token string as issued by the server. The access token issued will have permission to invoke all Pesapa API operations. |
| expiryDate | String | Date and time the token will expire. The access token usually expires after 5mins - UTC |
| error | Object | Error object |
| status | String | Response code |
| message | String | A brief description about the response received. |
{
"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYa",
"expiryDate": "2021-08-26T12:29:30.5177702Z",
"error": null,
"status": "200",
"message": "Request processed successfully"
}