Rails / Providers
The master register of mobile-money rails and aggregators (mmm.provider) - M-Pesa Daraja, Airtel Money, MTN MoMo, Pesapal and Flutterwave. Each record holds the API credentials, callback URL, HMAC secret and per-rail fee schedule that drive STK pushes and disbursements. Getting these right is the prerequisite for every collection and payout in the suite.

Workflow
- Open Rails / Providers under Configuration.
- Create or edit a provider for the rail (M-Pesa, Airtel, MTN, Pesapal, Flutterwave).
- Enter API keys, the callback URL and the HMAC signing secret.
- Define the per-rail fee schedule applied to transactions.
- Toggle sandbox/production and run a test STK push to confirm setup.
Fields reference
Every field on this screen, drawn from the live data model.
| Field | Type | Required | Description |
|---|---|---|---|
Business Short Codeshort_code | Text | — | Daraja BusinessShortCode for STK push (e.g. 174379 sandbox). |
STK Passkeypasskey | Text | — | Lipa Na M-Pesa Online passkey used to derive Password field. |
B2C Initiator Nameinitiator_name | Text | — | API Initiator username (configured in Daraja portal). |
B2C Initiator Passwordinitiator_password | Text | — | Plain initiator password. Encrypted with Safaricom public cert to build SecurityCredential at runtime. |
Daraja Public Cert (PEM)public_cert_pem | Long text | — | RSA public certificate used to encrypt initiator_password. Leave blank to use the baked sandbox cert; override per environment. |
Callback Base URLcallback_url_base | Text | — | Fully-qualified base URL Safaricom calls back. e.g. https://microfinance.example.com/mfi/momo/webhook/mpesa_daraja (use the auto-computed callback_url above unless your edge proxy rewrites the path). |
Display Namename | Text | Yes | Display Name |
Rail Codecode | Choice: M-Pesa Daraja (Safaricom), Airtel Money, MTN Mobile Money, Tigo Pesa / Yas Pesa, Orange Money, EcoCash, HaloCash, Wave | Yes | Rail Code |
Base URLbase_url | Text | Yes | Base URL |
Has Messagehas_message | Yes/No | — | Has Message |
Sequencesequence | Number | — | Sequence |
Activeactive | Yes/No | — | Active |
Sandbox Modesandbox | Yes/No | — | Sandbox Mode |
Consumer Keyconsumer_key | Text | — | Consumer Key |
Consumer Secretconsumer_secret | Text | — | Consumer Secret |
API Keyapi_key | Text | — | API Key |
API Secretapi_secret | Text | — | API Secret |
Paybill / Short Codepaybill | Text | — | Paybill / Short Code |
Default B2C CommandIDb2c_command_id | Choice: Business Payment, Salary Payment, Promotion Payment | — | Default B2C CommandID |
Webhook URLcallback_url | Text | — | Webhook URL |
HMAC Secrethmac_secret | Text | — | HMAC Secret |
Settlement Journaljournal_id | Link → account.journal | — | Settlement Journal |
Supports C2B (Customer→MFI)supports_c2b | Yes/No | — | Supports C2B (Customer→MFI) |
Supports B2C (MFI→Customer)supports_b2c | Yes/No | — | Supports B2C (MFI→Customer) |
Supports STK Pushsupports_stk_push | Yes/No | — | Supports STK Push |
Supports Balance Querysupports_balance | Yes/No | — | Supports Balance Query |
Supports Reversalsupports_reverse | Yes/No | — | Supports Reversal |
# Transactionstransaction_count | Number | — | # Transactions |
Success Rate (%)success_rate | Decimal | — | Success Rate (%) |
Colorcolor | Number | — | Color |
Companycompany_id | Link → res.company | — | Company |
Actions & buttons
Buttons available on this screen and what they do:
- Test Connection
- View Transactions
Notes & rules
- M-Pesa STK push prompts the customer to enter their PIN on their own phone - the PIN is never collected by the institution.
- The HMAC secret is what validates inbound callbacks as authentic.
- Per-rail fees feed automatically into transaction cost calculations.
- Sandbox mode lets staff test against Daraja test numbers before going live.
Was this page helpful?

