Fire an M-Pesa STK Push to a customer's phone, let Safaricom handle the PIN, get a webhook the moment it confirms. Or share a hosted pay-link if your customer isn't on Safaricom. OTP-protected receipts kill screenshot fraud at the till.
Bring your own Safaricom Daraja credentials — Sozuri orchestrates the push, the polling, the confirmation SMS and the webhook. You stay in control of the paybill.
POST phone, amount and an account_reference (max 12 chars). The customer's phone receives the M-Pesa prompt within 2 seconds.
Safaricom handles the PIN prompt natively on the phone. You poll /status/{checkoutRequestId} every ~5 seconds — or just wait for the webhook.
The customer gets an OTP-stamped confirmation SMS. Your endpoint gets a JSON webhook with the full M-Pesa C2B payload (TransID, TransAmount, MSISDN, names).
Phone in any Kenyan format (Sozuri normalises). Amount as an integer (minimum 1 KES). Optional reference (visible on the customer's M-Pesa receipt).
checkout_request_id/zuka/pay/{code}/status/{id} for pending state# Trigger an STK Push to a customer's phone
curl -X POST "https://api.sozuri.net/v1/zuka/push" \
-H "Authorization: Bearer $SOZURI_API_KEY" \
-d '{
"phone": "0712345678",
"amount": 2400,
"account_reference": "INV-4821"
}'
# Response
{
"message": "STK push initiated",
"checkout_request_id": "ws_CO_1801202611220129...",
"merchant_request_id": "29115-34620561-1"
}sozuri.net/zuka/pay/{code} — same backend, same webhook, different prompt.
The native M-Pesa prompt — appears on the customer's phone in 2 seconds, no app, no QR, no friction.
A branded URL you can share over WhatsApp, SMS, email or QR code. Works for every customer, every network.
Confirmation SMS includes a numeric OTP shared between customer and cashier — eliminates the screenshot-fraud problem.
Belt-and-braces: poll the status endpoint for in-progress UI, listen on the webhook for the authoritative answer.
Optional CC SMS to up to three operator phones for every confirmed payment. No more "did it come through?" at the till.
You own the paybill, you own the funds. Sozuri orchestrates calls against your Consumer Key, Secret and Passkey — the money never sits with us.
Galaxion Stores switched their cashier flow to Sozuri-orchestrated STK plus OTP-stamped receipts. Screenshot fraud dropped to zero. End-of-day reconciliation runs in minutes — not hours.
No. You bring your own Safaricom Daraja credentials (Consumer Key, Secret, Passkey). The funds settle directly into your paybill. Sozuri orchestrates the API calls but never touches the money.
STK Push only works on Safaricom numbers. Share the hosted pay-link instead — sozuri.net/zuka/pay/{code}. The customer opens the link, enters their phone, gets the prompt. Same webhook, same receipt.
Safaricom times the STK prompt out at 120 seconds. Sozuri polls the status endpoint to detect outcomes earlier. Best practice: poll every 5 seconds until you see confirmed, fail or 2 minutes elapses.
The confirmation SMS includes a 4-digit OTP. The same OTP appears in the receipt sent to your cashier/operator phones. Before releasing goods, both phones must show the same OTP — defeats screenshot fraud and fake confirmation messages.
One API call. One STK Push. One webhook. End-of-day reports that match the till to the shilling. Bring your Daraja credentials, we'll do the orchestration.