{"id":37022515,"url":"https://github.com/bdhobare/mpesa-android-sdk","last_synced_at":"2026-01-14T02:41:32.976Z","repository":{"id":57717706,"uuid":"108320059","full_name":"bdhobare/mpesa-android-sdk","owner":"bdhobare","description":"An android SDK for MPESA.","archived":false,"fork":false,"pushed_at":"2021-04-12T14:31:32.000Z","size":1318,"stargazers_count":44,"open_issues_count":2,"forks_count":52,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-12-06T21:27:21.685Z","etag":null,"topics":["android","mpesa","mpesa-android","mpesa-android-sdk","mpesa-api","mpesa-backend","mpesa-payments","mpesa-rest","mpesa-sdk","mpesapi"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bdhobare.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-10-25T20:05:17.000Z","updated_at":"2024-07-04T07:32:05.000Z","dependencies_parsed_at":"2022-09-10T23:40:37.918Z","dependency_job_id":null,"html_url":"https://github.com/bdhobare/mpesa-android-sdk","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/bdhobare/mpesa-android-sdk","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bdhobare%2Fmpesa-android-sdk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bdhobare%2Fmpesa-android-sdk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bdhobare%2Fmpesa-android-sdk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bdhobare%2Fmpesa-android-sdk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bdhobare","download_url":"https://codeload.github.com/bdhobare/mpesa-android-sdk/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bdhobare%2Fmpesa-android-sdk/sbom","scorecard":{"id":229082,"data":{"date":"2025-08-11","repo":{"name":"github.com/bdhobare/mpesa-android-sdk","commit":"ef095998f5ae1a02dc44285427258aa61026c239"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Code-Review","score":0,"reason":"Found 1/23 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: gradle/wrapper/gradle-wrapper.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 3 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T04:29:01.165Z","repository_id":57717706,"created_at":"2025-08-17T04:29:01.165Z","updated_at":"2025-08-17T04:29:01.165Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408712,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","mpesa","mpesa-android","mpesa-android-sdk","mpesa-api","mpesa-backend","mpesa-payments","mpesa-rest","mpesa-sdk","mpesapi"],"created_at":"2026-01-14T02:41:32.268Z","updated_at":"2026-01-14T02:41:32.962Z","avatar_url":"https://github.com/bdhobare.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MPESA ANDROID SDK\nThis SDK allows android developers to easily make MPESA payments on their apps.\n\n# Screenshots\n\n![Screenshots](https://github.com/bdhobare/mpesa-android-sdk/blob/master/1.jpg \"Sample\")\n\n# Features\nThe SDK includes the following:\n1. Android native  SDK to accept MPESA payments in less than 10 lines of code\n2. A sample backend in Laravel you can easily deploy to your server to quickly get started.Get it [here](https://github.com/bdhobare/mpesa-android-sdk-backend.git).\n3. A sample DB schema for the backend\n4. Integration with Firebase Cloud Messaging to easily send push notifications to the app after payments\n5. A complete sample application you can easily run to see the SDK in action\n6. A free [hosted backend](https://mpesa.bdhobare.com) you can use for testing purposes.\n7. This nice README 😀\n\n## Getting started\nTo get started you need the following from the [Safaricom Developer dashboard](https://developer.safaricom.co.ke)\n1. Your Consumer Key\n2. Your Consumer Secret\n3. The business shortcode\n4. A Firebase project with a server key. Create one [here](https://console.firebase.google.com/)\n\n\nFor testing purposes, you can get test credentials [here](https://developer.safaricom.co.ke/test_credentials).\nUse the *Lipa Na Mpesa Online Shortcode* and *Lipa Na Mpesa Online Passkey* from the link.\n\n## Integrating with your app\n1. Add the SDK to your project\n\n    ``` compile 'com.bdhobare:mpesa:0.0.6'```\n    \n2. Initialize the SDK\n\n    ```Mpesa.with(context, CONSUMER_KEY, CONSUMER_SECRET);```\n    \n    You can optionally pass the mode as the third parameter , either `SANDBOX` or `PRODUCTION`.\n    \n    ```Mpesa.with(context, CONSUMER_KEY, CONSUMER_SECRET, Mode.PRODUCTION);```\n\n3. Implement the `AuthListener` interface in your activity.The interface provides two methods\n\n* ```public void onAuthError(Pair\u003cInteger, String\u003e result)```\n\n    This method is called when initializing the Mpesa instance fails.You can get the response code using `result.code` and the error message using `result.message`. Make sure your credentials are correct\n\n* ``` public void onAuthSuccess()``` \n\n    This method is called once the Mpesa instance initializes successfully.You can only make a successful transaction after this method is called.Therefore, you can use this method to update the user interface like enabling a disabled button.\n\n## Making a transaction\nBefore making a transaction, your need to make sure you have the following items:\n1. A business shortcode. For testing purposes , get one [here](https://developer.safaricom.co.ke/test_credentials).\n2. A pass key. For testing, you can get one from the same link.\n3. The amount to transact.\n4. The phone number making the payment. It can be in 07xx.. or 254xx.. or +254xx... formats. The SDK will sanitize it for you.\n\n    To make a transaction , you build an `STKPush` instance and pass it to `pay()` method\n    \n    ```STKPush.Builder builder = new Builder(BUSINESS_SHORT_CODE, PASSKEY, amount,BUSINESS_SHORT_CODE, phone);```\n    \n    ```STKPush push = builder.build();```\n    \n    ```Mpesa.getInstance().pay(context, push);```\n5. Make sure your activity implements `MpesaListener`. The interface provides two methods you will need to implement\n\n * ```public void onMpesaError(Pair\u003cInteger, String\u003e result)```\n \n    This method is called if the request could not be processed. You can get the error message generated by using `result.message`\n \n * ``` public void onMpesaSuccess(String MerchantRequestID, String CheckoutRequestID, String CustomerMessage)```\n \n    This method is called once the request has been received by Safaricom and accepted for processing.The user will be presented with the prompt to enter their MPESA pin\n \n\nCongrats! You have successfully made an MPESA transaction.\n\n\n## Customising the transaction\nMost of the times you want to receive the transaction details on your server, store them in your database and then send a confirmation notification to the user.\n\nI have include a complete working backend in Laravel you can easily deploy to your server.\n\nFor running the sample project, you don't need to deploy your own backend. I have already set up one for you [here](https://mpesa.bdhobare.com/mpesa) to use freely. Just replace the credentials and hit run :)\n\n### Setting up the backend.\n1. Clone the backend from [here](https://github.com/bdhobare/mpesa-android-sdk-backend.git).If you are new to Laravel you can quickly catch up [here](https://www.parthpatel.net/laravel-tutorial-for-beginner-5-4/).\n2. Upload the repository to your server and set up the necessary configurations(Apache, Composer, Laravel, MySQL/PostgreSQL etc).\n3. Create a sample database in Postgresql or Mysql and connect it with the project by editing the `.env` file.\n4. Run the migrations : `php artisan migrate` from the project root.\n5. Get the url to your backend. I am going to assume you have deployed it to `http://YOUR_URL`\n6. Set up the callback url to the `STKPush.Builder` by calling this method:\n\n    ```builder.setCallBackURL(http://YOUR_URL/mpesa)```\n\n Please note that the url is `YOUR_URL/mpesa` not `YOUR_URL`.  `/mpesa` is a route in the backend.\n    \nOnce the above steps are finished, the response from Safaricom will be sent to the backend and inserted into the database.\n\n### Setting up Firebase Notifications\n\n1. To send a confirmation notification to the user, you need to add Firebase to your app by following this short guide [here](https://firebase.google.com/docs/cloud-messaging/android/client)\n\n    **The sample app already has a fully working Firebase implementation.You can copy paste the code to avoid repeating the process. You only need to download your google-services.json file and put it in the app/ folder.**\n\n2. Get your server key from the Firebase Dashboard by going to Project Settings \u003e\u003e Cloud Messaging\n\n3. Login into your backend server and open the `.env` file. Add this line to the file\n\n    ``FIREBASE_SERVER_KEY=YOUR_SERVER_KEY``\n4. On your android app, pass the user's Firebase token  to `STKPush.Builder` by calling this method\n\n    ```builder.setFirebaseRegID(token);```\n    \n    This token is not the server's key from Step 2. It is the one got from `onTokenRefresh()` on the user's phone.\n\n    *Note: This firebase token will be appended to the callback url to get a url of the format `http://YOUR_URL/mpesa/token`*\n\n## Going live\nTo go live you only need to pass one extra parameter when initializing the SDK\n\n   ``` Mpesa.with(context, CONSUMER_KEY, CONSUMER_SECRET, Mode.PRODUCTION); ```\n \nAs it is with the sandbox, you need to implement `AuthListener` interface.\n    \n## Running the Sample Project\n1. To build the sample project, clone this project, open it in Android Studio and replace the credentials in  `MainActivity.java` with yours from the Safaricom dashboard. \n\n2. Create a Firebase project as described above and download your `google-services.json` file to the `app/` folder.\n\n3. Hit RUN in Android Studio.\n\n## Contributing and Issues\nThe project is really young and I would appreciate any pull requests or bug reports.Use [JIRA](https://issues.sonatype.org/browse/OSSRH-35483) for bug reports or email me directly.\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbdhobare%2Fmpesa-android-sdk","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbdhobare%2Fmpesa-android-sdk","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbdhobare%2Fmpesa-android-sdk/lists"}