If you are looking for a simple reliable way to integrate Woocommerce with M-pesa to your Online shop and start receiving payments from customers, the article below will take you through every step needed to archive this.
The process is long and there is no shortcut to it, but after following each step outlined below, you will be able to easily receive payments on your Online shop.
The following will be required in order to fully integrate M-pesa to your Woocommerce:
1. Access to M-pesa Organization portal also known as G2 portal
2. An administrator account on The M-pesa portal
4. Account and Production App on Mpesa Daraja portal
5. Account and Production App on Pay Via proxy portal
1. Accessing the M-pesa organization portal
- This portal is a must requirement to any one who want to use Lipa na Mpesa online.
- The portal can only be accessed through a computer (Laptop/Desktop)
- Currently, the portal can only be accessed using Internet exploler and Google chrome.
- You will need to Install a digital certificate on your computer from M-pesa/safaricom in order to access the portal
Step by Step for Installation of M-pesa digital certificate
1. The certificate can only be Installed on Windows Operating system machine. The version of the Windows being only Windows 7,8 and 10.
2. The certificate will be valid for 2 year from day of request unless you format the computer.
3. The Installation is free of charge.
How to Apply
The process needs a visual step by step walk through, the following video from Safaricom will help you with anything you require when Installing the digital certificate, please Download it and follow the process.
Click download to get it on your device, you won’t be leaving this page.
M-pesa organization portal account
After going through the guide above and successfully installing the Mpesa digital certificate, you can now access the Portal on your computer using Internet explorer.
You will however be needed to have an account in order to log in to the portal. This account can only be created by Safaricom for you.You will hence require to write to Safaricom through their M-pesa for business email address, M-PESABusiness@safaricom.co.ke.
The account required is an Administrator account.
Safaricom requires the email you write to them to strictly have the following;
- All required details should be in a business head letter (see example of a head letter below)
- The letter should be signed by at least two people from your business management team
- The letter should have your business stamp
- A back to back soft copy of your National ID/Identification document (Scanned).
Here is an example of a head letter, please note that all the details indicated below are required.
Your Business Name
P.O BOX 66827-00800
RE: REQUEST FOR MPESA PORTAL Administrator ACCOUNT
This is to request for an Mpesa portal administrator account, our business details are as follows:
Organization short code:
Administrator’s user Name:
Date of birth:
Administrator email address:
Name…………………………………….. Signature …..
Name…………………………………….. Signature …..
Your STAMP HERE.
Once you have prepared your Head letter and have other needed documents ready, send them to Safaricom through this email address: M-PESABusiness@safaricom.co.ke
You will get a response within 3 Days, if you do not get the response past 3 days, you can try contacting Safaricom using the following methods:
- On official twitter handel; Safaricom PLC
- On official Facebook page: Safaricom PLC
- Telphone number: 0722 002 222
After getting your Adminstrator account, continue with Integrating your Woocommerce Shop with M-pesa by following the steps below.
Pay via ProxyAPI Plugin
The Pay Via Proxy Plugin is not the official M-pesa plugin and has no control over the M-pesa API as stated by the developer disclaimer on WordPress. It is worth noting that the plugin does not use the official daraja API alone from Safaricom but also uses the Pay Via Proxy API.
The use of the above two mentioned APIs gives this plugin high reliability and good performance. Here are some reasons as to why the plugin is reliable;
1. The STK push used by Daraja API is highly unreliable since it fails to complete request at times. For example, during checkout, the STK push may fail to launch at times blocking customers from sending payments hence a turn off. With the back up of the Pay via Proxy API, if the STK push fails, a second request known as C2B (Customer to Business) is initiated automatically. This ensures at all normal functioning of M-pesa, you will be guaranteed of receiving Payments.
2. The Pay Via Proxy API efficiently handles Callbacks from M-pesa or the feedback from M-pesa and takes the next action automatically, for example, if the customer payment does not go through e.g because of insufficient funds, the order will be auto marked as failed. If the payment goes through, it will be auto marked as completed.
The plugin is commercial, while installing is fully free, a payment of KSH 1,500 per month applies, just to mention, this is perhaps the best price you will get for any highly reliable M-pesa API.
Don’t worry though, charges aren’t Immediately, the developer gives you two weeks period to use this plugin on production without paying. This will give you time to evaluate the performance.
Installing, Activating and receiving payments through Pay via Proxy Plugin
To use the plugin, you will require;
- A Paybill number or Till Number
- Access to M-pesa Organization Portal and a business administrator account as required by Safaricom for anyone integrating M-pesa online.
For installation of the plugin, you can use this to methods;
Method 1: Manual method
- First, download the plugin on WordPress, click here to download it.
- Now go to your WordPress admin Dashboard. Click on; Plugins -> Add New -> Upload plugin. Choose Browse, go the folder where the download was stored and click on it to Upload.
- Upon successful upload, click on Install Now and then Activate the plugin.
Method 2: Auto Install
- On your WordPress Admin dashboard, go to Plugin -> Add new . On the Search bar, enter the exact name of the plugin as follows, Pay via ProxyAPI.
- Click on Install Now then Activate.
On your WordPress dashboard still, Visit WooCommerce -> Settings -> Payments and click on Setup on The Pay via ProxyAPI option.
Make sure that the Enable/Disable Pay via ProxyAPI payment is ticked.
Configure the Title and Description as they will appear in your Checkout Page.
You will realize an API key is required to get the plugin running.
How to get the API Key
- Visit the official Plugin API portal through https://api.proxyapi.co.ke/
- Choose whether to continue through your Gmail or, Microsoft account, after successful login, you will be redirected to the Portal dashboard.
- Click on Apps and choose Add at the top right
On App Name, enter the name of your business, or any other suitable name. Leave all other fields as default including the Environment field and click on Save.
If you change the Environment from Sandbox to Production, you will not be able to reverse it back to sandbox. Sandbox environment allows you to test before going to production where you will be receiving payments.
- Now click on Shortcodes on the Left of the dashboard and click on Add at the top.
- On the Next screen with New shortcode as Title, click on Start
- On the Shortcode type choose correctly as follows;
If you are using a Till number choose- C2B Till
If you are using a Paybill choose- C2B paybill
Click on Next
- On the next Screen, enter your paybill/ Till number and the assigned name as given when registering it with Safaricom. Then click Next.
- Confirm that you have an Administrator account on M-pesa portal and click Next.
- A pop up screen will appear asking you for particular details.
To get this particular details, you will require to Login to the M-pesa portal then follow the following steps;
Using your computer Internet explorer, go to the M-pesa portal through https://org.ke.m-pesa.com
Login to the Portal using your Administrator details
From the Pay via Proxy dashboard, you are being requested for an Initiator Name and Password.
Follow the following steps to Create the initiator on M-Pesa portal and associated password:
- When logged in as Admin click on My functions ->Operator management
- At the bottom click Add
- On Access channel, choose API ( please note, don’t choose Web)
- Enter a username you will easily remember and click Next
- On rule, choose web operator profile rule
- On the Roles section, click Add found at the top of the section.
- Mark only the Transaction Status query ORG API, press ok then Next (Its important to note that you should not assign any other role expect this)
- Fill in all the required details, on preferred Notification channel, choose SMS and enter a phone number you currently can access on Notification receiving MSISDN.
- Click Next, review and if everything is okay, submit.
- After submission, go to My functions -> Operator management and search for the user you just created using the username option.
- On the action field, choose edit/the pen like icon
- Now click on set password and set the password for this user.
What if the option for setting password is greyed/ appear disabled on the portal?
If you were able to set the password, skip this section. If not, it means you will have to do the following:
Follow the following steps:
- Still on M-Pesa portal as Business Admin, go to My functions -> Operator management and choose Add
- On access channel choose Web and click Next (Do not choose API)
- Enter a username that you will remember easily and click Next
- On rule, choose Web Operator profile rule
- Above Roles, click Add and choose these two; Business manager and Manage Org Initiator Passwords
- Enter the other details as required and as stated previously, choose SMS as the notification channel and enter a mobile phone number you can access now.
- Now logout as the Business Admin and login as the newly created Business Manager through the password sent to the phone number you entered.
- After successful login as the business Manager, go to My functions> Operator management and search for you admin account.
- On Actions, click on edit then on Roles, click Add and assign the SET RESTRICT PASSWORD role, enter any reason and submit.
- Now log out as Business Manager and Log in as Administrator
- Go to My functions -> Operator management and search for the first user you created( With Transaction Status query ORG API role)
- On Actions, click edit and now, you can set the password for the user. Do this and submit.
Now we have the password and user name for the initiator required at Pay via Proxy portal. Lets go back to the portal.
Fill in the username of the user you created with Transaction Status query ORG API role on the form provided in the Pay via proxy portal.
The password is required to be Encrypted, follow the following steps to encrypt it:
On the Pay via Proxy portal dashboard, Go to Sandbox and Utilities, Choose Utilities tab at the top and ensure selected Operation type is Encrypt Production Security Credential. On Operation value, enter the Password of your initiator (the user/operator you created with Transaction Status query ORG API role). Click execute and copy the Output operation.
If the previous window where you were to enter the Initiator password and Name was closed, repeat the shortcode adding process.
Also send any amount to your paybill number/Till number and note the confirmation code in the M-Pesa SMs, e.g OIA1CBQ9WR
Enter the username of your initiator and
Enter The Encrypted password of the Initiator that you just created (The output operation you copied).
On the Transaction Query ID, enter the M-Pesa confirmation code of transaction you just sent.
Click on Validate and the shortcode will be successfully validated and will be added to the portal. Choose the App that you created to be attached to the Shortcode.
To access the API Key, go to shortcodes on the Pay via Proxy API dashboard. Double click on the the Shortcode that you added, ensure that the Shortcode status is Active, also activate Use Shortcode for Pay via ProxyAPI, on the right side, click Save.
Your API key will be generated, copy this and paste it on your Pay via Proxy plugin configuration API key field.
Phone number making the payment is required on checkout: Confirm that the Phone number field that is usually in the Checkout billing form on WooCommerce is enabled.Also Give it a title and description that will let customers know that the number they are to enter is the same number that will receive the payment prompt.
Carry out some tests by trying to order items on your WooCommerce. When you are satisfied with the process, go back to Pay via ProxyPI portal and change the App that you created status from Sandbox to Production.
Now you can receive payments from your clients successfully on WooCommerce through M-pesa.
You can try ordering a product or create a test product and order it and you will successfully receive the payment on your Till or Paybill.
You will however note that the prompt that shows on M-pesa asking the client to enter their PIN is not of your business name, instead, it belongs to the the Pay via ProxyAPI Portal. The amount however is being sent to your paybill/Till. This is because you have not yet entered you PassKey on the ProxyAPI portal. The STK Prompt gets its prompt name from the owner of the Passkey on Safaricom’s side. Thus, to change the prompt to show your business name, you will have to first get the Passkey and enter it on Pay via ProxyAPI portal. This Passkey is provided by Safaricom only and they will require you to Go Live on their official API portal, Daraja. Follow the following steps to obtain your passkey.
- Go to the Daraja portal throughhttps://developer.safaricom.co.ke/home and Sign Up
- After creating your account successfully, Log in.
- Click on my Apps and choose Add New App
- Assign the App a name, preferably, you business name. Choose Lipa Na M-Pesa Sandbox and click on create App.
- Click on Go live on the Top. Download Test cases and fill the necessary fields as success, or just leave the form as is; upload them on the provided field on Daraja portal. Check terms and conditions box and click on Next.
- On verification type, choose Shortcode, enter the details according to your M-Pesa portal account.
- Click verify, an OTP will be sent to your M-Pesa portal admin account phone number, enter it in and ensure that the Lipa na M-pesa production option is ticked. You should be fast since the OTP expires in 3 minutes. Click on Submit.
- The details will then be sent to Safaricom.Wait for the app to be approved (this might take a day or more). When it is approved, you will receive a notification on your email address.
- To get the passkey, write an email to API support team through, firstname.lastname@example.org. Your subject body should be your production app name, something like
This production name can be found on the email you get when the app from Daraja portal is approved. The support team will send you the passkey to your shortcode email address (it may take a day).
- Copy this PassKey and Go to Pay via ProxyAPI portal, Login to your dashboard. On shortcodes, double click on the shortcode that you added and on the LNM passkey, paste your passkey. Click on Save.
- A new API key will be generated afresh, copy it and replace the old API key with the new one by pasting it on your Pay via ProxyAPI plugin settings. Note that every save on the settings page generates a new API Key, thus be careful not to overwrite a key thats already in use on a live system.
Now, if you try making an order, the M-Pesa prompt will show your business name as set when you went live. cheers!!