PocketPesa API Documentation
Build powerful financial applications with East Africa's leading digital wallet platform
Multi-Currency
UGX, KES, TZS, USD
Mobile Money
MTN, Airtel, MPESA, Tigo
Card Payments
Visa, Mastercard
Real-time
Webhooks & Updates
Base URL
https://api.pocketpesa.app/api/v1
Authentication
PocketPesa API uses JWT (JSON Web Tokens) for authentication. All protected endpoints require a valid JWT token in the Authorization header.
Required Headers
Authorization: Bearer <access_token>
Content-Type: application/json
Accept: application/jsonAuthentication Endpoints
Register User
POST
/auth/register
Request
{
"phone": "+256701234567",
"password": "SecurePass123!",
"first_name": "John",
"last_name": "Doe",
"email": "john@example.com"
}Response
{
"success": true,
"message": "User registered successfully",
"data": {
"user_id": "usr_abc123",
"phone": "+256701234567",
"verification_required": true
}
}Login
POST
/auth/login
Request
{
"phone": "+256701234567",
"password": "SecurePass123!"
}Response
{
"success": true,
"data": {
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"token_type": "bearer",
"expires_in": 3600,
"user": {
"id": "usr_abc123",
"phone": "+256701234567",
"first_name": "John",
"last_name": "Doe"
}
}
}Transaction Endpoints
Mobile Money Top-up
POST
/transactions/topup
Request
{
"currency": "UGX",
"amount": 10000,
"payment_method": "mobile_money",
"msisdn": "+256701234567",
"description": "Wallet top-up"
}Response
{
"success": true,
"message": "Top-up initiated successfully",
"data": {
"transaction_id": "txn_abc123",
"amount": 10000,
"currency": "UGX",
"fee": 100,
"status": "processing",
"created_at": "2024-01-01T12:00:00Z"
}
}P2P Transfer
POST
/transactions/transfer
Request
{
"recipient_phone": "+256701234568",
"currency": "UGX",
"amount": 5000,
"pin": "1234",
"description": "Payment"
}Response
{
"success": true,
"message": "Transfer completed",
"data": {
"transaction_id": "txn_abc123",
"amount": 5000,
"currency": "UGX",
"fee": 25,
"status": "completed",
"created_at": "2024-01-01T12:00:00Z"
}
}User Management Endpoints
Get User Profile
GET
/users/profile
Headers
Authorization: Bearer <token>Response
{
"success": true,
"data": {
"id": "usr_abc123",
"phone": "+256701234567",
"first_name": "John",
"last_name": "Doe",
"kyc_status": "verified",
"kyc_level": 2,
"wallets": [
{
"currency": "UGX",
"balance": "50000.00"
}
]
}
}Set Transaction PIN
POST
/users/set-pin
Request
{
"pin": "1234",
"confirm_pin": "1234"
}Response
{
"success": true,
"message": "PIN set successfully"
}Wallet Endpoints
Get All Wallets
GET
/wallets
Headers
Authorization: Bearer <token>Response
{
"success": true,
"data": [
{
"currency": "UGX",
"balance": "50000.00",
"available_balance": "50000.00",
"daily_limit": "1000000.00",
"status": "active"
},
{
"currency": "KES",
"balance": "1500.00",
"available_balance": "1500.00",
"status": "active"
}
]
}Products & Bills Endpoints
Get Available Products
GET
/products
Query Parameters
?category=AIRTIME
?search=MTNResponse
{
"success": true,
"data": {
"products": [
{
"name": "MTN Uganda Airtime",
"code": "MTN_UG_AIRTIME",
"category": "AIRTIME",
"has_price_list": false,
"provider": "MTN"
}
],
"total": 21,
"categories": ["AIRTIME", "INTERNET", "TV"]
}
}Validate Product
POST
/products/validate
Request
{
"product_code": "MTN_UG_AIRTIME",
"amount": 1000,
"msisdn": "0701454887",
"contact_phone": "0701454887"
}Response
{
"success": true,
"data": {
"validation_reference": "416b358df57e82a6",
"customer_name": "",
"amount": 1000,
"fee": 10,
"total_amount": 1010
}
}Savings Endpoints
Get Savings Accounts
GET
/savings/accounts
Headers
Authorization: Bearer <token>Response
{
"success": true,
"data": [
{
"id": "sav_ugx_abc123",
"name": "Emergency Fund",
"currency": "UGX",
"balance": "250000.00",
"target_amount": "500000.00",
"interest_rate": "0.0600",
"account_type": "target",
"progress_percentage": 50.0
}
]
}Business Endpoints
Create Payment Request
POST
/business/payment-requests
Request
{
"amount": 50000,
"currency": "UGX",
"description": "Product purchase",
"customer_phone": "+256701234567",
"customer_email": "customer@example.com",
"expires_at": "2024-01-02T12:00:00Z"
}Response
{
"success": true,
"data": {
"id": "pr_abc123",
"amount": 50000,
"currency": "UGX",
"status": "pending",
"payment_url": "https://pay.pocketpesa.app/pr_abc123",
"expires_at": "2024-01-02T12:00:00Z"
}
}Admin Endpoints
Get All Users
GET
/admin/users
Query Parameters
?search=john
?kyc_status=verified
?role=user
?page=1&limit=50Response
{
"success": true,
"data": [
{
"id": "usr_abc123",
"phone": "+256701234567",
"first_name": "John",
"last_name": "Doe",
"kyc_status": "verified",
"role": "user",
"status": "active"
}
],
"pagination": {
"current_page": 1,
"total": 100
}
}Error Handling
Error Response Format
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "The given data was invalid",
"details": {
"phone": ["The phone field is required"],
"amount": ["The amount must be at least 500"]
}
},
"timestamp": "2024-01-01T12:00:00Z",
"request_id": "req_abc123"
}HTTP Status Codes
| Code | Status | Description |
|---|---|---|
| 200 | OK | Request successful |
| 201 | Created | Resource created successfully |
| 400 | Bad Request | Invalid request parameters |
| 401 | Unauthorized | Authentication required or failed |
| 403 | Forbidden | Access denied |
| 404 | Not Found | Resource not found |
| 422 | Unprocessable Entity | Validation failed |
| 429 | Too Many Requests | Rate limit exceeded |
| 500 | Internal Server Error | Server error |
Common Error Codes
Business Logic Errors
- INSUFFICIENT_BALANCE - Wallet balance too low
- KYC_REQUIRED - KYC verification needed
- TRANSACTION_FAILED - Payment processing failed
- DUPLICATE_TRANSACTION - Transaction already exists
System Errors
- RELWORX_SERVICE_ERROR - External service error
- RATE_LIMIT_EXCEEDED - Too many requests
- SERVICE_UNAVAILABLE - Service temporarily down
- MAINTENANCE_MODE - System maintenance
Webhooks
PocketPesa sends webhooks to notify your application about transaction status changes and other important events.
Webhook Events
| Event | Description |
|---|---|
| transaction.pending | Transaction initiated |
| transaction.processing | Transaction being processed |
| transaction.completed | Transaction successful |
| transaction.failed | Transaction failed |
| kyc.submitted | KYC documents submitted |
| kyc.approved | KYC verification approved |
| kyc.rejected | KYC verification rejected |
Webhook Payload
{
"event": "transaction.completed",
"data": {
"transaction_id": "txn_abc123",
"user_id": "usr_def456",
"type": "topup",
"amount": "10000.00",
"currency": "UGX",
"status": "completed",
"relworx_reference": "d3ae5e14f05fcc58427331d38cb11d42",
"completed_at": "2024-01-01T12:01:30Z"
},
"timestamp": "2024-01-01T12:01:31Z",
"signature": "sha256=abc123..."
}Webhook Verification
Verify webhook authenticity using HMAC-SHA256:
$payload = file_get_contents('php://input');
$signature = $_SERVER['HTTP_X_POCKETPESA_SIGNATURE'];
$expected = hash_hmac('sha256', $payload, $webhook_secret);
if (!hash_equals($signature, $expected)) {
http_response_code(401);
exit('Invalid signature');
}Webhook Endpoints
- Transaction Updates:
POST https://yourapp.com/webhooks/pocketpesa - KYC Updates:
POST https://yourapp.com/webhooks/kyc - Card Payment Returns:
POST https://yourapp.com/webhooks/card-return
Rate Limiting
API requests are rate limited to ensure fair usage and system stability.
Rate Limits
| Endpoint Category | Limit | Window |
|---|---|---|
| Authentication | 10 requests | per minute |
| Registration | 5 requests | per minute |
| Transactions | 10 requests | per minute |
| General API | 100 requests | per minute |
Rate Limit Headers
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1609459200Rate Limit Exceeded Response
{
"success": false,
"error": {
"code": "RATE_LIMIT_EXCEEDED",
"message": "Too many requests. Please try again later.",
"details": {
"retry_after": 60,
"limit": 10,
"window": "1 minute"
}
},
"timestamp": "2024-01-01T12:00:00Z"
}SDKs & Examples
cURL Examples
Authentication
curl -X POST https://api.pocketpesa.app/api/v1/auth/login \
-H "Content-Type: application/json" \
-d '{
"phone": "+256701234567",
"password": "SecurePass123!"
}'Top-up Wallet
curl -X POST https://api.pocketpesa.app/api/v1/transactions/topup \
-H "Authorization: Bearer your-jwt-token" \
-H "Content-Type: application/json" \
-d '{
"currency": "UGX",
"amount": 10000,
"payment_method": "mobile_money",
"msisdn": "+256701234567"
}'