LipaPay Sandbox dashboard

Dashboard

Dashboard Home

Documentation

Documentation Hub API Reference Status & callbacks

Sandbox product APIs

Same contracts as production — sandbox mode only. No live endpoints here.

LipaPay Ver2 /api/sandbox

Overview API reference Testing lab

LipaAirtime /api/sandbox/airtime

Overview API reference Testing lab

LipaDisbursement /api/sandbox/disbursement

Overview API reference Testing lab

LipaPay merchant portal · Sign in

LipaAirtime API reference

Sandbox-only API at /api/sandbox/airtime. Same JSON and flow as Lipa_Airtime production — simulated wallet and settlement.

Base: /api/sandbox/airtime Session auth flow Wallet + recharge lifecycle Callback-driven reconciliation Source-mapped contract

POST /api/sandbox/airtime/register

Register

Auth: None

Create sandbox airtime merchant account.

POST /api/sandbox/airtime/login

Login

Auth: None

Authenticate and return bearer token.

POST /api/sandbox/airtime/customer/payments

Airtime Payment

Auth: Bearer token

Send airtime from wallet balance.

POST /api/sandbox/airtime/customer/balancerecharge

Balance Recharge

Auth: Bearer token

Initiate wallet top-up and receive controlNumber.

POST /api/sandbox/airtime/callbackUrl

Recharge Callback

Auth: None

Confirm recharge by controlNumber.

GET /api/sandbox/airtime/user

Current User

Auth: Bearer token

Return authenticated airtime user.

HTTP endpoint surface (source contract)

Method	Path	Auth	Purpose
POST	/api/callbackUrl	External callback	Match control number, update recharge transaction, increment wallet on success.
GET	/api/user	Sanctum	Return authenticated user context.
POST	/customer/payments	Session auth	Run airtime purchase from wallet.
POST	/customer/bulkpayment	Session auth	Import bulk airtime requests using Excel flow.
POST	/customer/balancerecharge	Session auth	Initiate external top-up to recharge wallet.

Authentication and authorization contract

Item	Contract
Primary guard	web session guard with auth and custom is_auth middleware.
Role model	role_id values: 1 admin, 2 user, 3 finance.
User status model	pending, active, inactive; role 2 requires active status to proceed.
API auth note	/api/user relies on Sanctum middleware in source.

Core data contracts

users

Stores identity, role, and status used for role-based redirects and activation checks.

wallet

Per-user wallet with balance used for airtime debit and recharge increments.

payments

Airtime transaction records with provider/network, status, and processing message.

transactions

Wallet recharge records keyed by control number and callback-driven status transitions.

Airtime purchase flow

Validate request payload (msisdn, positive amount).
Load authenticated user wallet by user id.
Reject when requested amount exceeds wallet balance.
Create pending payment record with detected network/provider metadata.
Call external airtime vendor API and evaluate response.
On success, deduct wallet and mark success; on failure, mark failed with message.
Send SMS confirmation or failure notification.

Wallet recharge flow and callback

Authenticate against portal auth API for recharge initiation.
Create pending recharge transaction in local database.
Initiate upstream MNO payment request and capture control number.
Receive callback on /api/callbackUrl with control number and status.
When callback status is true, mark success and increment wallet balance.

Callback minimum payload

{
  "controlNumber": "ABC123",
  "status": true
}

Integrations and reliability notes

External integrations include airtime vendor API, portal auth/initiate APIs, and SMS gateways (internal/external).
Main orchestration path is implemented through Airtime service and phone/provider helper utilities.
Hardening recommendation: move static upstream credentials/tokens to env config, rotate secrets, and add callback signature/IP verification.

Observed source gaps

Route protection

/admin/registerUser appears public in source and should be protected.

Callback validation

Validation focuses on controlNumber while downstream logic also depends on status.

Status consistency

Airtime service status values may diverge from migration/comment expectations.

Source contract mapping

System	Method	Path
Lipa_Airtime	POST	/customer/payments
Lipa_Airtime	POST	/customer/balancerecharge
Lipa_Airtime	POST	/api/callbackUrl

{
    "msisdn": "255712345678",
    "amount": 1500
}

{
    "status": "OK",
    "message": "Voucher sent successfully"
}