SecurityCredential class abstract final

Generates the SecurityCredential required by Safaricom B2C, Account Balance, Transaction Status, and Reversal APIs.

Safaricom requires the initiatorPassword to be RSA-encrypted (PKCS#1 v1.5) using Safaricom's public key, then Base64-encoded.

The certificate parameter must be a PKCS#8 PEM public key string (-----BEGIN PUBLIC KEY-----), NOT the raw .cer X.509 certificate file. Extract it first with:

openssl x509 -in SandboxCertificate.cer -inform DER -pubkey -noout

Safaricom provides separate certificates for sandbox and production. Store the extracted PEM in your app configuration or backend — never commit plaintext certificates to public repositories.

Example:

const pem = '-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----';
final credential = SecurityCredential.generate(
  initiatorPassword: 'Safaricom999!*!',
  certificate: pem,
);

Properties

hashCode → int

The hash code for this object.

no setter, inherited

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

Methods

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited

Static Methods

generate({required String initiatorPassword, required String certificate}) → String

Encrypts initiatorPassword with certificate and returns the Base64-encoded ciphertext suitable for use as SecurityCredential in Safaricom API requests.