This document will go through the necessary actions taken to authorize transactions after payment using
Chapa’s Direct API.
How to Authorize Transactions
Authorizing a payment is dependent on the method used when first initializing a transaction. This request is initiated after you initiated a direct charge payment. Using your transaction reference, a POST request is needed to be made to the Authorize Transaction endpoint server.
Authorizing payments vary depending on the payment method (for example, some mobile money charge may include multiple authorization steps including OTPs). We’ll explain what applies to each method in its guide.
Direct charge options
Here are the different options for authorizing payments initiated via direct charge. Each type of direct charge has its own unique requirements and authorization flow. Follow the links to view detailed guides for each type:
When to Encrypt?
While using our direct charges API you are responsible to handle some sensitive security information like OTPs. In those times, you’ll encrypt the secure object from the payload you’ve built up. You’ll need your encryption key (from the Settings > API section of your dashboard) , and you’ll use the 3DES algorithm for encryption. You can see examples of this in our encryption guide .
Now, you’ll wrap the encrypted payload inside a JSON body like this:
Here is a sample code for verifying transactions:
Authorization* : Pass your secret key as a bearer token in the request header to authorize this call.
Refer to our Error Codes page for all responses for this request.
After the payment
Four things will happen when payment is successfully authorized:
- We’ll send you a webhook if you have that enabled. You can find more information on Webhooks here.
N.B: On your server, you should handle the redirect and always verify the final state of the transaction.
It is important to verify the transaction and confirm its status. Here is how you can Verify a Transaction.
Chapa has event listeners that will send a message whenever a payment is successful. You can find more information on Webhooks here.