Skip to main content
Use the KulmiPay sandbox to build and test your integration without moving real money. Sandbox and live are separate environments with separate accounts, credentials, API URLs, and checkout URLs.
Never mix sandbox and live credentials. Sandbox keys only work on sandbox.kulmipay.com, and live keys only work on app.kulmipay.com.

Integration testing environment

KulmiPay provides two environments:
  • Sandbox / development for testing integrations.
  • Live / production for real transactions.
All API requests should be made over HTTPS. Webhook callback URLs should also use HTTPS and be publicly reachable.

Resources for KulmiPay integration and API testing

Sandbox / development environment

Use sandbox while building and testing your application. Sandbox API keys use test prefixes: Create sandbox keys from API Applications in the sandbox dashboard.

Live environment

Use live only when you are ready to process real payments. Live API keys use live prefixes:

Testing details for sandbox environment

Create a checkout session

Use your sandbox public key to create a test checkout.

Authenticate protected sandbox requests

For backend-only API calls, pass your sandbox secret key as a Bearer token.

Test M-Pesa phone numbers

Test amounts

Use small amounts such as 1, 5, or 10 to keep test records easy to review.

Switching from sandbox to live

When you are ready to go live:
  1. Replace https://sandbox.kulmipay.com with https://app.kulmipay.com.
  2. Replace sandbox keys with live keys.
  3. Use https://checkout.kulmipay.com for live hosted checkout.
  4. Point webhooks to your production HTTPS endpoint.
  5. Complete live business verification before processing real payments.
If you are using the kulmipay browser SDK, set live: true when switching to production.