Generate OAuth Tokens
Daraja Local exposes a local OAuth endpoint with the same request and response shape used by Daraja. It validates credentials against the emulator configuration; it never sends them to Safaricom.
Configure credentials
Set the credentials before starting the emulator:
export CONSUMER_KEY="consumer_key"
export CONSUMER_SECRET="consumer_secret"
npm run dev
These values default to consumer_key and consumer_secret when the variables are not set.
Request a token
Send the configured consumer key and secret with HTTP Basic authentication and include the required grant_type query parameter:
curl --get "http://127.0.0.1:8080/oauth/v1/generate" \
--data-urlencode "grant_type=client_credentials" \
--user "consumer_key:consumer_secret"
Expected response:
{
"access_token": "daraja-local-token-...",
"expires_in": "3599"
}
Use the returned token on every /mpesa request:
Authorization: Bearer daraja-local-token-...
Missing, unknown, and expired tokens are rejected. Tokens are held in memory and become invalid when the emulator restarts.
Configure token expiry
The default lifetime is 3,599 seconds. Override it before starting the emulator:
export DARAJA_LOCAL_TOKEN_EXPIRES_IN="120"
npm run dev
PowerShell:
$env:DARAJA_LOCAL_TOKEN_EXPIRES_IN = "120"
npm run dev
For the authoritative Daraja contract, see the Safaricom Daraja Developer Portal.
