The payment flow
Your app creates a payment
Your backend calls Moflay with the amount, phone number, description, and
optional customer details.
Moflay talks to Safaricom
Moflay uses the Daraja credentials saved for the current environment to send
the STK push request.
Moflay processes the result
Safaricom sends its callback to Moflay. Moflay records the outcome and
updates the transaction state.
What Moflay handles for you
- Daraja authentication using your saved credentials
- Payment request formatting and validation
- Safaricom callback ingestion
- Consistent transaction records
- Signed outbound webhooks to your app
What you still need
- A Moflay account and organization
- An API key for the environment you are using
- A valid till or paybill before you move to production
- Production Daraja credentials if you want to accept real money
Where the money goes
Moflay is the integration layer, not the settlement destination. Successful payments go to your configured M-Pesa till or paybill. Moflay does not hold customer funds.Why it works this way
Direct Daraja integrations usually force you to manage tokens, callback URLs, retries, and inconsistent payment-state handling yourself. Moflay centralizes that work so your application can use one predictable interface.Callbacks vs webhooks
This distinction matters:- Safaricom callback: Sent by Daraja to Moflay so Moflay can finalize the transaction
- Moflay webhook: Sent by Moflay to your app so your system can react to payment or customer events