end2endPay API Integration
    end2endPay API Integration
    • end2endPay API Specification
    • Inline Popup
    • v1 - Hosted session redirect
    • Server-to-server
      • Payload details
      • Pay With Card
        POST
      • Validate OTP
        POST
      • Initiate Pay with Transfer
        POST
      • Status check (PWT/USSD)
        POST
      • Get banks list - USSD
        GET
      • Generate USSD Code
        POST
      • Transaction Status Query
        GET
    • Plugins
    • Flutter SDK
      • End2EndPay Flutter SDK
    • Android SDK
      • End2EndPay Android SDK

    end2endPay API Specification

    At end2endPay, we understand the importance of seamless and secure payment processing for your business. Whether you're running a small online store, a large enterprise or even aggregating payment for B2B or P2P; our goal is to provide you with the tools and support you need to succeed.

    What you need to know before you start integrating#

    Our user-friendly platform allows for quick and easy integration, ensuring you can start accepting payments in no time.
    We prioritize the security of your transactions with advanced encryption and fraud protection measures.
    When you have completed your account registration and KYC document, upon review by our compliance team and approval of your account.
    You will gain access to your merchant portal at https://end2endpay.com/login where you have your API credentials, encryption keys to aid your integration.
    Note
    Our friendly API allows you to intgrate seemlessly with your application to process paymet through our various payment channels. However, only merchants with PCI-DSS certificate will be eligible for our server-to-server intgration. Additional documentation might be requested of you from our compliance team before your account is deem eligible for server-to-server integration.

    Valid Requests#

    Important Step:#

    All requests sent to our server will be encrypted by ensuring you use AES-256 (in a symmetric algorithm). The encryption key is found in the account settings section of your merchant portal upon login.

    Final Security Advice#

    1
    Protect your encryption key
    Treat the AES key like a password or token.
    2
    Store it secure
    Store it encrypted at rest (e.g., using AES-GCM, or KMS if on cloud or ENV)
    3
    Use it securely
    Don't ever log it before or after a request. Do not send it over HTTP
    📌
    After constructing your request based on the payload specification for each service, you are required to encrypt the data using the AES-256 symmetric algorithm with your key.
    For every request, you must generate a random IV (Initialization Vector), encrypt the payload using the key and IV, and send it to us.

    Standard Encryption Format#

    You should:
    1
    Consider the encryption method
    Use the AES-256-CBC algorithm
    2
    Generate an Initial Vector
    Generate a random 16-byte IV per request
    3
    Encrypt the data
    Encrypt the data with your AES key and IV.
    4
    Send the request
    Encrypt the data with your AES key.
    Your final request payload should follow the format shown in the sample below and send in the payload
    {
  "initialVector": "base64_iv_here",
  "transaction": "base64_encrypted_data_here"
}

    Language Examples#

    Common Parameters#

    aesKeyBase64 : 256-bit key shared or available in your merchant portal after onboarding.
    data : JSON object for the request of the specific payment service
    JavaScript (Node.js)
    Python
    Java
    C#/.NET
    PHP
    Next
    Inline Popup
    Built with