Skip to main content
Danipa
Docs · 006 / 010

Developer Portal Features

What's available inside the authenticated developer portal — OAuth apps, audit log, request log, webhook delivery log, and MoMo preapprovals.

The Danipa Developer Portal at developer.sandbox.danipa.com is more than an API explorer. Once you sign in, the dashboard gives you a set of operational surfaces to manage your integration in production conditions — secrets, callers, deliveries, mandates. This page is the public summary of what's behind the login.

OAuth Apps

Register third-party applications that act on a merchant's behalf via OAuth 2.0 authorization code flow.

  • Create an OAuth client (client_id + client_secret) with explicit scopes — pick from the scope catalogue (read:payments, write:payment_links, read:wallet, etc.).
  • Configure one or more redirect URIs per environment (sandbox / production).
  • Rotate the client secret without breaking existing tokens (24-hour grace window).
  • Revoke a client to immediately invalidate every token it issued.
  • Audit every grant — issued tokens, last-used timestamps, calling IP ranges.

OAuth apps are the right path for marketplace integrations and partner systems. Direct server-to-server access keeps using the simpler API-key flow.

Request Log

Every API call your account makes is recorded and queryable from the dashboard. Useful for debugging integration regressions, validating webhook deliveries, and reconciling provider responses.

  • Filter by HTTP method, status code, endpoint path, time window.
  • Detail drawer shows the full request (headers, body, query) and response (headers, body, duration).
  • Per-environment view — sandbox and production traffic are partitioned; the env switcher in the topbar scopes the log.
  • Search by request id (matches the X-Request-Id header surfaced in API responses, so a customer ticket with a request id resolves in one click).

The request log is retained for 30 days on sandbox and is part of the production retention policy post-launch.

Webhook Delivery Log

Webhooks are the asynchronous half of every integration. The delivery log shows what your endpoints actually received — what landed, what was retried, what was dead-lettered.

  • Per-endpoint view of every delivery attempt with HTTP status and response time.
  • Replay any delivery to your endpoint without re-firing the underlying business event — useful when an endpoint was down or returned an unexpected error and you've since fixed it.
  • Rotate webhook secrets without dropping inflight deliveries.
  • Verify HMAC signatures against the dashboard's "what the signature should be" preview before you ship verification code.

See the Webhooks guide for signature verification, the event catalogue, and the 300-second timestamp replay window.

Audit Log

A read-only chronological record of every mutating action taken against your account — both via the dashboard and the API.

  • Filter by actor (which user, which API key, which OAuth client), event type, time window, and tenant id.
  • Records who did what, when, from which IP, and with which authentication factor — useful for SOC 2-style audits and for forensic investigation of suspicious activity.
  • Every audit row links back to the related domain entity (the invoice, the payment link, the customer record) so reviews stay grounded.
  • Audit logs are append-only at the storage layer — there is no API path to mutate or delete a row.

MoMo Preapprovals

Collect a one-time customer approval for recurring or on-demand mobile-money debits. After the customer approves the mandate, your application can charge their wallet without re-prompting them for a PIN every time.

  • Create a preapproval mandate by MSISDN — the customer receives the approval prompt from MTN.
  • Query mandate state — PENDING, ACTIVE, CANCELLED, EXPIRED.
  • Cancel mandates from your dashboard or the API; cancellations are propagated to MTN.
  • Charge against an active mandate with POST /v2_0/payment — no preApprovalId in the body; MTN matches by payer MSISDN + your merchant context.
  • Subscribe to momo.preapproval.* webhook events to react to state transitions.

This is the rail for subscription billing, BNPL repayments, and any flow that requires silent debits.

Sandbox Tools

The sandbox surface is a full mirror of production with extra dashboard affordances for testing.

  • Fund a sandbox wallet to any balance.
  • Trigger any webhook event manually with a custom payload — useful for testing your edge-case handlers without waiting for an upstream event to fire.
  • Reset sandbox data — wipe customers, invoices, payment links, payment requests, and webhook deliveries in one click. Rate-limited to 1 per hour to prevent accidents.
  • Create test customers with realistic phone numbers and Ghana Card numbers (validated against the same Mock NIA service the platform uses for KYC).

See Getting Started for the sandbox onboarding flow, or sign in to the developer portal to use these tools today.