Quick Start (Developers)
Accept your first payment with the Credo API in minutes.
This guide walks you through a complete payment flow - from initialization to verification. By the end, you'll have processed a test payment in the sandbox environment.
Prerequisites
- A Credo sandbox account - sign up here
- Your API keys from Settings → Developer → API Keys
- A server environment that can make HTTPS requests
API keys
You'll need both keys: the public key for initializing payments and the secret key for verifying them. Never expose your secret key in client-side code.
Initialize a payment
Send a POST request to create a transaction:
const response = await fetch(
"https://api.credodemo.com/transaction/initialize",
{
method: "POST",
headers: {
Authorization: "YOUR_PUBLIC_KEY",
"Content-Type": "application/json",
},
body: JSON.stringify({
amount: 15000, // ₦150.00 in kobo
email: "customer@example.com",
currency: "NGN",
callbackUrl: "https://yoursite.com/payment/callback",
}),
}
);
const data = await response.json();
console.log(data.data.authorizationUrl);import requests
response = requests.post(
"https://api.credodemo.com/transaction/initialize",
json={
"amount": 15000, # ₦150.00 in kobo
"email": "customer@example.com",
"currency": "NGN",
"callbackUrl": "https://yoursite.com/payment/callback",
},
headers={
"Authorization": "YOUR_PUBLIC_KEY",
"Content-Type": "application/json",
},
)
data = response.json()
print(data["data"]["authorizationUrl"])$ch = curl_init("https://api.credodemo.com/transaction/initialize");
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode([
"amount" => 15000, // ₦150.00 in kobo
"email" => "customer@example.com",
"currency" => "NGN",
"callbackUrl" => "https://yoursite.com/payment/callback",
]),
CURLOPT_HTTPHEADER => [
"Authorization: YOUR_PUBLIC_KEY",
"Content-Type: application/json",
],
]);
$response = json_decode(curl_exec($ch), true);
curl_close($ch);
echo $response["data"]["authorizationUrl"];import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.net.URI;
public class InitializePayment {
public static void main(String[] args) throws Exception {
String json = """
{
"amount": 15000,
"email": "customer@example.com",
"currency": "NGN",
"callbackUrl": "https://yoursite.com/payment/callback"
}
""";
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.credodemo.com/transaction/initialize"))
.header("Authorization", System.getenv("CREDO_PUBLIC_KEY"))
.header("Content-Type", "application/json")
.POST(HttpRequest.BodyPublishers.ofString(json))
.build();
HttpClient client = HttpClient.newHttpClient();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
// Parse JSON and extract authorizationUrl
System.out.println(response.body());
}
}using System.Text;
using System.Text.Json;
var payload = new
{
amount = 15000,
email = "customer@example.com",
currency = "NGN",
callbackUrl = "https://yoursite.com/payment/callback"
};
var json = JsonSerializer.Serialize(payload);
var content = new StringContent(json, Encoding.UTF8, "application/json");
var client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization", Environment.GetEnvironmentVariable("CREDO_PUBLIC_KEY"));
var response = await client.PostAsync("https://api.credodemo.com/transaction/initialize", content);
var result = await response.Content.ReadAsStringAsync();
// Parse result and extract authorizationUrl
Console.WriteLine(result);Response:
{
"status": 200,
"message": "Successfully processed",
"data": {
"authorizationUrl": "https://pay.credodemo.com/Sfhx00BA4801Zk1T4",
"reference": "201220045mG7mTL022zQ09",
"credoReference": "Sfhx00BA4801Zk1T4",
"Crn": "0000298483"
}
}| Field | What it is |
|---|---|
authorizationUrl | Where you redirect the customer to pay |
reference | Your transaction reference (auto-generated if not provided) |
credoReference | Credo's internal reference (transRef) - used for verification |
Redirect the customer
Send the customer to the authorizationUrl. They'll see Credo's secure checkout page where they can choose a payment method and complete the transaction.
// Redirect to Credo checkout
window.location.href = data.data.authorizationUrl;After payment, Credo redirects the customer back to your callbackUrl.
Don't create duplicates
If a customer has an existing pending payment, reuse the authorizationUrl instead of initializing a new transaction.
Verify the transaction
When the customer arrives at your callback URL, verify the payment on your server using the secret key:
const verification = await fetch(
`https://api.credodemo.com/transaction/${transRef}/verify`,
{
headers: { Authorization: "YOUR_SECRET_KEY" },
}
);
const result = await verification.json();
if (result.data.status === 0) {
// Payment successful - deliver value
console.log("Paid:", result.data.settlementAmount);
}response = requests.get(
f"https://api.credodemo.com/transaction/{trans_ref}/verify",
headers={"Authorization": "YOUR_SECRET_KEY"},
)
result = response.json()
if result["data"]["status"] == 0:
# Payment successful - deliver value
print("Paid:", result["data"]["settlementAmount"])$ch = curl_init("https://api.credodemo.com/transaction/" . $transRef . "/verify");
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
"Authorization: " . getenv("CREDO_SECRET_KEY"),
],
]);
$response = json_decode(curl_exec($ch), true);
curl_close($ch);
if ($response["data"]["status"] === 0) {
// Payment successful - deliver value
echo "Paid: " . $response["data"]["settlementAmount"];
}import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.net.URI;
public class VerifyTransaction {
public static void main(String[] args) throws Exception {
String transRef = "Sfhx00BA4801Zk1T4";
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.credodemo.com/transaction/" + transRef + "/verify"))
.header("Authorization", System.getenv("CREDO_SECRET_KEY"))
.GET()
.build();
HttpClient client = HttpClient.newHttpClient();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
// Parse JSON and check status
System.out.println(response.body());
}
}var client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization", Environment.GetEnvironmentVariable("CREDO_SECRET_KEY"));
var response = await client.GetAsync($"https://api.credodemo.com/transaction/{transRef}/verify");
var result = await response.Content.ReadAsStringAsync();
// Parse result and check status
Console.WriteLine(result);Response:
{
"status": 200,
"data": {
"transRef": "Sfhx00BA4801Zk1T4",
"businessRef": "201220045mG7mTL022zQ09",
"transAmount": 15000.00,
"transFeeAmount": 325.00,
"settlementAmount": 15000.00,
"status": 0
}
}A status of 0 means the payment was successful.
Never trust the callback redirect alone. Always verify server-side before delivering goods or services.
Test cards
Use these cards in the sandbox environment:
| Card Number | Expiry | CVV |
|---|---|---|---|
| 4012000033330026 | Any future date | Any 3 digits |
| 5555555555554444 | Any future date | Any 3 digits |
For the complete list of available test cards, including Verve and Cybersource options, see the Testing page.
Test cards only work in the sandbox environment. They will not process real transactions.
Go live checklist
- Switch API keys from sandbox to production
- Update base URL to
https://api.credocentral.com - Configure your production webhook URL and handle all event types
- Verify all transactions server-side
- Handle failed and pending payment states
- Store transaction references in your database