Within Equity Bank
Test URL
POSThttps://uat.finserve.africa/v3-apis/transaction-api/v3.0/remittance/internalBankTransfer
Live URL
POSThttps://api.finserve.africa/v3-apis/transaction-api/v3.0/remittance/internalBankTransfer
Move Funds Within Equity Bank 🏦 Across Kenya, Uganda, Tanzania, Rwanda, DRC & South Sudan.
📘 Equity Bank's Presence
This web service covers all 6 countries (KE, RW, UG, TZ, DRC, SS) in which Equity Bank operates in.
200 Success Response Schema
| Field Name | Field Type | Field Description |
|---|---|---|
status | bool | Response status |
code | number | Response code |
message | string | Response message |
data.transactionId | string | unique transaction id |
data.status | string | transaction status |
Example Request
⚠️
In the example below, please remember to replace the variables enclosed within curly brackets {{ }} with the actual values.
Signature Formulae e.g. 00013XXXX6836500.00KES192112602006
source.accountNumber+transfer.amount+transfer.currencyCode+transfer.referenceRequest Parameters
| Field Name | Data Type | Required | Description |
|---|---|---|---|
| Source Fields | |||
source.countryCode | string | Yes | The country code of the sender's bank account (e.g., "KE", "UG"). |
source.name | string | Yes | The full name of the account holder (e.g., "John Doe"). |
source.accountNumber | string | Yes | The sender's bank account number (e.g., "00013XXXX6836"). |
| Destination Fields | |||
destination.type | string | Yes | The type of destination (e.g., "bank"). |
destination.countryCode | string | Yes | The country code for the recipient's bank account (e.g., "KE"). |
destination.name | string | Yes | The full name of the recipient (e.g., "Tom Doe"). |
destination.accountNumber | string | Yes | The recipient's bank account number (e.g., "00201XXXX4605"). |
| Transfer Fields | |||
transfer.type | string | Yes | The type of transfer (e.g., "EFT"). |
transfer.amount | string | Yes | The amount of money to be transferred (e.g., "500.00"). |
transfer.currencyCode | string | Yes | The currency code for the transfer amount (e.g., "KES"). |
transfer.reference | string | Yes | A unique reference identifier for the transaction (e.g., "192112602006"). |
transfer.date | string | Yes | The date of the transaction (YYYY-MM-DD format, e.g., "2023-10-13"). |
transfer.description | string | Yes | Additional remarks about the transaction (e.g., "Some remarks here"). |
| Headers | |||
Authorization | string | Yes | Bearer token for authentication (replace {access_token} with a valid token). |
Content-Type | string | Yes | Media type of the resource (should be application/json). |
signature | string | Yes | A cryptographic signature for request integrity. |
Example Request
curl -X POST \
-d '{
"source": {
"countryCode": "KE",
"name": "John Doe",
"accountNumber": "00013XXXX6836"
},
"destination": {
"type": "bank",
"countryCode": "KE",
"name": "Tom Doe",
"accountNumber": "00201XXXX4605"
},
"transfer": {
"type": "EFT",
"amount": "500.00",
"currencyCode": "KES",
"reference": "192112602006",
"date": "2023-10-13",
"description": "Some remarks here"
}
}' \
-H 'Authorization: Bearer {{access_token}}' \
-H 'Content-Type: application/json' \
-H 'signature: {{signature}}' \
-L 'https://uat.finserve.africa/v3-apis/transaction-api/v3.0/remittance'Example Response
Example Response
{
"status": true,
"code": 0,
"message": "success",
"reference": "192112602006",
"data": {
"transactionId": "5414",
"status": "SUCCESS"
}
}| Field | Type | Description |
|---|---|---|
status | boolean | Response status (true for success, false for failure) |
code | number | Response code (0 indicates success) |
message | string | Response message describing the result |
reference | string | The unique reference identifier for the transaction |
data.transactionId | string | Unique transaction ID generated by the system |
data.status | string | Transaction status (e.g., "SUCCESS", "PENDING", "FAILED") |
Error Responses
400 Bad Request
Missing or invalid parameters in the request body.
{
"status": false,
"code": 400,
"message": "Invalid request parameters",
"error_code": "INVALID_REQUEST"
}401 Unauthorized
Invalid or expired access token.
{
"status": false,
"code": 401,
"message": "Invalid or expired access token",
"error_code": "UNAUTHORIZED"
}403 Forbidden
Valid credentials but invalid signature or insufficient permissions.
{
"status": false,
"code": 403,
"message": "Invalid signature or insufficient permissions",
"error_code": "FORBIDDEN"
}404 Not Found
Account not found or invalid account number.
{
"status": false,
"code": 404,
"message": "Source or destination account not found",
"error_code": "ACCOUNT_NOT_FOUND"
}Transaction Status Errors
| Response Status | Response Code | Response Message |
|---|---|---|
| false | 111102 | Transaction with the passed reference cannot be found |
📖 Step-by-Step Guide
Step 1: 🔑 Set Up Security Keys
Generate your private and public key pair and share your public key with Finserve. See the Security & Signatures Documentation (opens in a new tab) for detailed instructions.
Step 2: 🎫 Authenticate
Obtain an access token using the authentication endpoint. See the Authentication API documentation (opens in a new tab) for details.
Step 3: 📋 Prepare Transaction Details
Gather all required information.
Step 4: ✍️ Generate Signature
Create the signature string by concatenating in this exact order:
source.accountNumber+transfer.amount+transfer.currencyCode+transfer.referenceSign this string using your private key, then Base64 encode the result.
Step 5: 📝 Set Up Headers
Include the following headers in your request:
Content-Type: application/jsonAuthorization: Bearer [your_access_token]Signature: [your_base64_encoded_signature]
Step 6: 🔧 Construct Request Body
Create a JSON object with all required fields following the structure shown in the example request.
Step 7: 🚀 Send POST Request
Make a POST request to the internal bank transfer endpoint with your headers and body.
🌍 Supported Countries & Currencies
| Country | Country Code | Common Currency Codes |
|---|---|---|
| Kenya | KE | KES |
| Uganda | UG | UGX |
| Tanzania | TZ | TZS |
| Rwanda | RW | RWF |
| South Sudan | SS | USD |
| DRC | DRC | USD |
Best Practices
-
** Security**
- Store your private key securely and never expose it in client-side code or version control
- Always use HTTPS for API requests
- Store access tokens securely
- Regenerate signatures for each request
-
** Signature Generation**
- Ensure exact string concatenation order:
source.accountNumber+transfer.amount+transfer.currencyCode+transfer.reference - Do not include spaces, separators, or special characters in the concatenated string
- Always Base64 encode the signature before including it in headers
- Verify the values in the signature match exactly with the request body values
- Ensure exact string concatenation order:
-
** Transaction Reference**
- Use unique reference numbers for each transaction
- Implement a reference generation system to avoid duplicates
- Store reference numbers for reconciliation and audit purposes
- Never reuse reference numbers, even for failed transactions
-
Amount Formatting
- Always use decimal format with two decimal places (e.g., "500.00")
- Pass amounts as strings, not numbers
- Ensure the amount is positive and within allowed limits
- Verify amount matches exactly in signature and request body
-
Error Handling
- Implement retry logic with exponential backoff for transient errors
- Log transaction attempts and responses for audit purposes
- Handle signature validation errors by regenerating the signature
-
Testing
- Always test with the UAT endpoint before using the live endpoint
- Use test account numbers provided in the documentation
- Verify signature generation with sample data first
- Test error scenarios to ensure proper handling
-
Data Validation
- Validate all account numbers match the expected format
- Verify country codes are valid and supported
- Ensure transfer dates are in the correct format (YYYY-MM-DD)
- Validate currency codes match the destination country
Troubleshooting
Invalid Signature Error (403)
If you receive a 403 error with "Invalid signature":
- Verify the concatenation order:
source.accountNumber+transfer.amount+transfer.currencyCode+transfer.reference - Ensure no spaces or separators are included in the concatenated string
- Check that the signature is Base64 encoded
- Verify your public key is correctly registered with us
- Ensure the values in the signature match exactly with the request body values
Common Signature Mistakes
- Using wrong concatenation order
- Adding spaces or separators between values
- Not Base64 encoding the final signature
- Values in signature don't match request body values
Support
For questions or issues with this API:
- Email: support@finserve.africa