MPESA G2 API Integration (C2B | B2C | B2B | Online Checkout ) STEP BY STEP GUIDE- Part 1

Well, if you are here, you must be one of the people who have faced the pain of integrating to M-PESA via the G2 API. Trust me, for over 5 years I have lead the team at Mobidev where we have integrated to Telcos (Vodacom, MTN Uganda, MTN Nigeria, Etisalat Nigeria, Airtel and Safaricom) and several banks too including Barclays Cybersource API and I have not faced a more painful process than integrating to M-PESA.

This is an attempt at a step by step guide on how to go about it right from applying for a paybill to deploying your payment solution to production. This is drawn from my experience integrating C2B, B2C, B2B and Online Checkout APIs for a number of clients.

I will assume ubuntu 14.04 or *nix server (LAMP Stack) and SSH access to server.

This may not work for everyone (especially Windows people) and you may not need to read everything so take whatever suits you and move on!

So what should we expect?

The following is some sort of ‘course outline’ of what we’ll cover:


  • Applying for a Paybill
  • Completing the customer readiness questionaire
  • Completing the VPN form
  • Safaricom CRQ process and expectation

Establishing Connectivity over VPN:

  • VPN Setup on your server (We’ll use Ubuntu and OpenSwan)
  • Connecting your VPN to Safaricom using the Pre-Shared Key
  • Understanding Subnets and Routing table

SSL manenoz:

  • Generating a 2048kb Self-signed certificate
  • Request for signing from Safaricom Security team
  • Extracting M-Pesa API Certificate and using it in your server


  • What to do with that crazy UAT excel sheet
  • User acceptance tests over http
  • Registering validation and confirmation URLs to M-PESA Test Server
  • User acceptance tests over https
  • Moving to production


  • Again, what to do with that crazy B2C UAT excel sheet
  • User acceptance test over http
  • UATs over https
  • Moving to production


  • Same as B2C with minor changes

Online Checkout

  • There are lots of resources online already for online checkout so we’ll briefly just touch on this or point to some of the resources.

As you can see, this will be a lot of work and I can’t promise to write all the documentation as fast as the community would wish due to other ongoing projects and this may take a while to complete.

I am however available for consultancy in case of any urgent need for integration. Just email leo[at] or mpesa[at]

See you in part 2 but before then you can prepare by:

  1. Setting up an ubuntu server (AWS or DigitalOcean should sort you out).
  2. Download M-PESA Documentation
  3. Read on IPsec

</Happy Coding>