A production WordPress plugin enabling KCB M-Pesa STK Push payments in WooCommerce stores across Kenya and East Africa. Free core + Pro tier with extended features.
Why this exists: KCB's M-Pesa Express API is widely used in Kenya but has no official WooCommerce integration. This plugin fills that gap with a clean, extensible implementation.
- ✅ Full STK Push payment flow at WooCommerce checkout
- ✅ Secure OAuth2 token generation with KCB API
- ✅ Real-time callback handling → automatic order status updates
- ✅ Admin callback log dashboard (view, download, clear)
- ✅ Email alerts on payment failures
- 🔐 License key activation system
- 📊 CSV export of payment logs
- 📣 Slack / Telegram payment notifications (planned)
- 🎨 Advanced checkout UI customisation
kcb-mpesa-gateway/
├── admin/
│ └── logs-ui.php # Admin log dashboard
├── includes/
│ ├── class-gateway-base.php # Abstract base — extensible for other M-Pesa providers
│ ├── class-gateway-free.php # Free tier implementation
│ └── class-gateway-pro.php # Pro tier with licence check
├── pro/
│ └── class-license-manager.php
├── kcb-mpesa-gateway.php # Plugin entry point
└── init_kcb-mpesa-gateway.php # Gateway registration + callback endpoint
Design decisions:
- Abstract base class (
class-gateway-base.php) makes it straightforward to extend for other KCB payment products or M-Pesa providers - Callbacks are logged to a flat file (
wp-content/mpesa-callback-log.txt) — avoids DB write overhead during high-volume payment events - Token generation is handled per-request with short TTL — avoids stale token issues that plague many community implementations
- Upload to
/wp-content/plugins/kcb-mpesa-gateway - Activate via Plugins in WordPress admin
- Go to WooCommerce → Settings → Payments → enable KCB M-Pesa
- Enter your Consumer Key and Consumer Secret from KCB Developer Portal
- For Pro: enter your licence key at WooCommerce → Settings → KCB M-Pesa Licence
Use KCB's sandbox environment at https://sandbox.buni.kcbgroup.com with test credentials from the portal. The plugin switches between sandbox and production endpoints based on WooCommerce's test mode toggle.
- Publish to WordPress.org plugin directory
- Add support for Safaricom M-Pesa Daraja API (alternative gateway class)
- Webhook signature verification
- Unit tests with WP_Mock
📌 Part of my fullstack portfolio demonstrating real-world payment integrations for African e-commerce.
📧 stephengachoka57@gmail.com | 🌐 stephengachoka.co.ke | 📍 Nairobi, Kenya