Built by TukiTech · East Africa

The payment gateway your platform plugs into once

Lipachap routes mobile money collections and disbursements through a single Selcom-compatible API. Connect Vikoba, marketplaces, billing systems, or custom backends — with sandbox keys in seconds and production-grade signed webhooks when you go live.

Start in sandbox — free Integration guide

Platform

One gateway for collections, payouts, and reconciliation

Lipachap sits between your application and mobile money operators. Your backend signs API requests, Lipachap talks to the right network route, and your webhook endpoint receives the final payment outcome — so you never block user flows polling for status.

1

Your platform

Create a unique transid, sign the JSON body, and POST to Lipachap from your server — never from a mobile app or browser.

2

Lipachap

Validates digest auth, resolves MSISDN to the correct MNO route, queues the transaction, and tracks fees and references.

3

Mobile network

Customer approves STK push, USSD, or wallet debit depending on operator and transaction type.

4

Your webhook

Receive HMAC-signed JSON with SUCCESS or FAILED. Update orders, contributions, or ledger entries idempotently.

Payment operations

Three core API flows

CASHIN

Collections

POST /v1/walletcashin/process

Pull funds from a customer MSISDN into your merchant flow — contributions, checkout payments, wallet top-ups, loan repayments, or invoice settlement.

  • Amount passes through at face value on deposits
  • Optional utilityref for your order or member id
  • Returns Lipachap reference for support and reconciliation
CASHOUT

Disbursements

POST /v1/gateway/cashin

Send funds to a registered mobile money wallet — loan disbursements, vendor payouts, refunds, or withdrawal to customer MSISDN.

  • Pass pre-calculated providerFee, platformFee, and totalCharged
  • Transparent fee breakdown stored on the transaction
  • Same digest auth and webhook lifecycle as collections
Status

Reconciliation

POST /v1/checkout/status

Look up any transaction by your transid when a webhook is delayed or you need to verify state during support calls.

  • Statuses: PENDING, SUCCESS, FAILED
  • Scoped to your merchant API key
  • Duplicate transid returns existing record (code 101)

Coverage

East Africa mobile money, routed automatically

Lipachap detects country and operator from MSISDN prefixes and routes to the configured provider integration. You send a normalized phone number; the gateway handles network label, provider key, and integration endpoint selection.

  • Tanzania Vodacom M-Pesa, Airtel Money, Tigo Pesa, Halotel
  • Kenya Safaricom M-Pesa, Airtel Money
  • Uganda MTN Mobile Money, Airtel Money
  • More Extensible provider modules per country route table

Sandbox uses mock provider mode for end-to-end testing without live MNO charges.

POST /v1/walletcashin/process
Authorization: GATEWAY <digest>

{
  "transid": "TXN-20260531-001",
  "amount": 25000,
  "msisdn": "255712345678",
  "utilityref": "ORDER-8842",
  "utilitycode": "VMCASHIN",
  "countryCode": "TZ"
}

Developers

Built for backend engineers, not copy-paste SDK lock-in

Lipachap uses Selcom-compatible digest authentication so existing integrations can migrate with minimal changes. Sign sha256(secret + path + rawBody), send JSON over HTTPS, verify webhooks with HMAC — done.

Environments

HostKeys
sandbox.api.lipachap.comTEST
api.lipachap.comLIVE (approval required)

TEST keys are rejected on the live host and vice versa — no accidental production charges during development.

Webhooks you can trust

Every callback includes:

  • X-Gateway-Timestamp — reject stale requests
  • X-Gateway-Signature — HMAC-SHA256 over {timestamp}.{body}
  • X-Gateway-Nonce — unique per delivery attempt

Failed deliveries retry with backoff. Your handler should return HTTP 200 and treat transid idempotently.

Code samples

Full integration guides and copy-paste examples in five languages:

JavaScriptJavaPHPPythonGo

View all code samples →

Merchant dashboard

  • Self-serve sandbox signup with instant TEST keys
  • Rotate API keys and manage TEST vs LIVE modes
  • Configure webhook URLs and signing secrets
  • Transaction log, profit ledger, and LIVE approval workflow
Open dashboard →

Use cases

Platforms already shaped for Lipachap

Microfinance & savings groups (Vikoba)

Member contributions and loan repayments via CASHIN; loan disbursements and group payouts via CASHOUT with fee fields passed through. Webhooks drive ledger updates in your core banking or group management system.

E-commerce & marketplaces

Checkout collection at order placement; vendor settlement batches with unique utilityref per seller. Status API as fallback when customers close the browser before webhook delivery.

SaaS billing & subscriptions

Recurring mobile money pulls keyed to subscription ids. Separate sandbox merchant per environment. Dashboard transaction export for finance reconciliation.

Consumer wallet (Lipachap mobile)

Closed-loop e-money balance with top-up, withdraw, P2P send, and pay-merchant flows on the same gateway infrastructure.

Pricing

Transparent fees — no surprises on inbound money

Deposits and contributions move at face value. Lipachap platform fees apply on withdrawals and disbursements, alongside the mobile network provider tier.

Deposits & collections (CASHIN)

Face value · zero Lipachap platform fee

When a customer pays 10,000 TZS, your transaction records 10,000 TZS. The mobile network may charge the customer its standard MNO fee directly — Lipachap does not add a platform markup on inbound payments.

Withdrawals & disbursements (CASHOUT)

Provider fee + platform fee

Outbound transfers include a network provider fee (tiered by MNO) and a Lipachap platform fee. Your integration sends totalCharged so the customer or your float account covers the full debit.

totalCharged = amount + providerFee + platformFee

Sandbox is free. LIVE keys require merchant approval — start in sandbox and request production access from the dashboard.

Security

Production-grade by default

Credential isolation

Per-merchant API keys with TEST/LIVE mode enforcement at the host level. Secrets never appear in client-side code.

Signed requests

Every payment API call requires digest auth tied to the exact request path and raw JSON body.

Audit trail

Transaction log, webhook delivery log, and profit ledger per merchant for operations and support.

Start integrating in minutes

Create a sandbox merchant, copy your TEST keys, and make your first signed API call today.

Create sandbox account Quickstart guide