NAV
cURL

Home

Introduction

Wiza API is an asynchronous plug in once and get multiple business value tools . Wiza API's allows businesses to reduce the number of efforts required to incorporate multiple payment methods or SMS notifications into their business by integrating with one single API. All the settlements are executed by the payment processors within 24 hours time and the money is credited straight to the merchant account, giving the businesses the ability to plan the next day operations, while the SMS notifications are delivered straight away to your customers being it for OTP notifications or that important order confirmation.

Payment Flow

SMS Flow

Host

The sandbox and production systems are accessed through the same host. To send requests to a production system use production token and to user sandbox system use sandbox token.

The Wiza host name is https://api.wiza.ao

Example:

Payment

SMS

Authentication

Businesses simplicity and security is our primary goals and that's why https connections and bearer API Token are essential and mandatory through every single connection. Every single business transaction requires a valid header Authorization parameter.

Authorization: <some-token-generated-at-merchant-portal>

Callback

To tighten even more the security in the response callback to your system we included a signature header which is constructed using a Signature Token that only the merchant has access and can be generated at the merchant portal tokens management page. The signature is created (signature token and raw payload body encoded) as per the secure algorithm below and should match the one sent by Wiza.

HexEncode(HMAC-SHA-256(Signature Token, raw HTTP body))

Payments

Request a Payment

curl -XPOST "https://api.wiza.ao/v1/hosts/payments" \
-H "Content-Type: application/json" \
-H "Accept: application/json"
-H "Authorization: eyJhbGciOiJIUzI1NiJ9.eyJtZXJjaGFudF9pZCI6IjE3ZDI5ZDZiLWNhNjUtNDc1Ni1hM2UzLTQzOTY0NjI4MWQ5YSIsInRva2VuX2lkIjoiYjc2MWE3ZDYtMmQxNy00OTczLTg5NGYtZTM4ODVlYWYwNzU1IiwidHlwZSI6InBheW1lbnQiLCJleHAiOjE3MjI0NzAzNDB9.o_3z0dqXrk8f68rPeGieeMNpksSpvwSbLYmKDETa4vs" \
-d '{
        "amount": "123.45",
        "currency": "aoa",
        "reference_id": "123456789",
        "success_url": "https://where-to-redirect-in-case-of-success",
        "failure_url": "https://where-to-redirect-in-case-of-failure",
        "callback_url": "https://send-response-here-when-is-completed"
    }

HTTP Request

POST https://api.wiza.ao/v1/hosts/payments

Headers

Key Value Description
Content-Type application/json The content type expected
Accept application/json The format type expected by the server
Authorization authorization-token The bearer authorization token

Payload

Name Type Required Type Description
amount string yes payment The amount that is required for the transaction.
currency string yes payment The transaction currency
customer string yes payment The customer cellphone or other identification required to request a payment.
parent_payment_id string yes refund The parent payment transaction ID the merchant wishes to refund.
reference_id string yes both The merchant transaction request unique id.
success_url string no payment Wiza APG hosted age is going to redirect to this url after 5 seconds of successful page is presented. The callback to your backend will be fired nevertheless.
failure_url string no payment Wiza APG hosted age is going to redirect to this url after a failure and the payment process is canceled. The callback to your backend will be fired nevertheless.
callback_url string yes both Wiza APG will call it back as soon the request is completed (accepted or rejected) and will send a (POST) and will stop if get any 2xx status response.

Response

Status Meaning Description
303 See Other (The payment request was accepted by wiza hosted gateway for processing and you can open the link provided at header location.
4xx or 5xx Error Check the error table below

Headers

location: https://hosted.wiza.ao/?id=f3c6ff4c-3f05-4ce6-a253-28b871d682ab&nonce=7079db324f4815ceeda498ebb1261f8205721c9864a52071a738db4f7db89a1d

Example of user process

  1. Select payment methods

  1. Input phone number

  1. Wait while it processes

  1. Finished payment (at this stage the system calls back merchant callback)

When user and the payment processor finishes processing Wiza will call back the provided URL at (callback_url) with the payload at the confirm the payment section

Confirm the Payment

curl -XPOST "https://merchant-provided-payment-callback-url" \
-H "Content-Type: application/json" \
-H "Accept: application/json"
-H "signature: aoiufsd98f7sdfkjshdf87d6fsdjhgdu6fd90fdf0988fgd" \
-d '{
        "id": "f3c6ff4c-3f05-4ce6-a253-28b871d682ab",,
        "currency": "aoa",
        "amount": "1000.54",
        "status": "accepted",
        "status_reason": "2000",
        "status_datetime": "2023-03-21T15:28:28.355Z",
        "currency": "aoa",
        "customer": "912123123",
        "reference_id": "123456789",
        "processor": "gpo"
    }

HTTP Request

POST https://merchant-provided-payment-callback-url

Headers

Key Value Description
Content-Type application/json The content type expected
Accept application/json The format type expected by the server
signature aoiufsd98f7sdfkjshdf87d6fsdjhgdu6fd90fdf0988fgd The signature generated with signature token and raw payload

Payload

Name Type Description
id uuid Wiza transaction ID
amount string The transaction amount.
status string The transaction status which could be accepted or rejected
status_reason string The transaction status code reason why the transaction was rejected check table for more details.
status_datetime string The time in ISO that the transaction was finalized (accepted or rejected)
currency string The transaction currency.
customer string The customer cellphone or other identification used to confirm the payment
reference_id string The merchant transaction unique transaction id.
processor string The payment provider used by the customer.

Response

This callback is a fire and forget. It is the merchant responsability to guarantee the proper endpoint that accepts the callback request

Status Meaning Description
2xx Success The callback was successfully accepted by the merchant system.
4xx or 5xx Failed The callback was not successful and Wiza may try again later

SMSBeta

Request a SMS

curl -XPOST "https://api.wiza.ao/v1/hosts/sms" \
-H "Content-Type: application/json" \
-H "Accept: application/json"
-H "Authorization: eyJhbGciOiJIUzI1NiJ9.eyJtZXJjaGFudF9pZCI6IjE3ZDI5ZDZiLWNhNjUtNDc1Ni1hM2UzLTQzOTY0NjI4MWQ5YSIsInRva2VuX2lkIjoiYjc2MWE3ZDYtMmQxNy00OTczLTg5NGYtZTM4ODVlYWYwNzU1IiwidHlwZSI6InBheW1lbnQiLCJleHAiOjE3MjI0NzAzNDB9.o_3z0dqXrk8f68rPeGieeMNpksSpvwSbLYmKDETa4vs" \
-d '{
        "numbers": ["912345678", "912456789"]
        "content": "Your awesome message to your awesome customer"
        "callback_url": "https://send-response-here-when-is-completed"
    }

HTTP Request

POST https://api.wiza.ao/v1/hosts/sms

Headers

Key Value Description
Content-Type application/json The content type expected
Accept application/json The format type expected by the server
Authorization authorization-token The bearer authorization token

Payload

Name Type Required Description
numbers string yes An array of valid phone numbers where you want to deliver the sms message.
content string yes The sms message content you want to deliver
callback_url string yes Wiza SMS will call it back as soon the request is completed (accepted or rejected) and will send a (POST) and will stop if get any 2xx status response.

Response

{
  "id": "4fe3972e-3d4d-475e-a0ec-477764064641",
  "numbers": ["912345678", "912456789"],
  "sent_sms_count": 0,
  "content": "Your awesome message to your awesome customer",
  "status": "requested",
  "requested_at": "12.01.2025 10:15"
}

Status Meaning Description
202 Accepted (The SMS request was accepted by wiza SMS for processing and will be forwarded to the telco operatorwill be forwarded to the telco operator. You can open the link provided at header location to monitor the status.
4xx or 5xx Error Check the error table below

Headers

location: https://api.wiza.ao/v1/hosts/sms/4fe3972e-3d4d-475e-a0ec-477764064641

SMS Callback

curl -XPOST "https://merchant-provided-sms-callback-url" \
-H "Content-Type: application/json" \
-H "Accept: application/json"
-H "signature: aoiufsd98f7sdfkjshdf87d6fsdjhgdu6fd90fdf0988fgd" \
-d '{
      "id": "4fe3972e-3d4d-475e-a0ec-477764064641",
      "numbers": ["912345678", "912456789"],
      "content": "Your awesome message to your awesome customer",
      "status": "sent",
      "status_reason": "2000"
    }

HTTP Request

POST https://merchant-provided-sms-callback-url

Headers

Key Value Description
Content-Type application/json The content type expected
Accept application/json The format type expected by the server
signature aoiufsd98f7sdfkjshdf87d6fsdjhgdu6fd90fdf0988fgd The signature generated with signature token and raw payload

Payload

Name Type Description
id uuid Wiza transaction ID
numbers string An array of valid phone numbers where you want to deliver the sms message.
content string The sms message content you want to deliver
status string The status of the SMS request.
status_reason string The reason code of the SMS request status.

Response

This callback is a fire and forget. It is the merchant responsability to guarantee the proper endpoint that accepts the callback request

Status Meaning Description
2xx Success The callback was successfully accepted by the merchant system.
4xx or 5xx Failed The callback was not successful and Wiza may try again later

Sandbox

Payments

When using Wiza payments API with a sandbox token the payment scenarios uses a very specific phone numbers to simulate the successful and rejection transactions status.

The processes for callback, signature and any other requirement specified previously still apply just like it would when using production token.

Scenario Number Notes
Accepted 900000000 This scenario simulates a successful payment confirmation
Rejected 900002004 This scenario simulates a failed payment confirmation because user failed to accept within time limit.
Rejected 900003000 This scenario simulates a failed payment confirmation because user rejected it.
Rejected 9xxxxxxxx In case of the use of any other number this scenario would cover it and always respond with processor error 4000

SMS

When using Wiza SMS API with a sandbox token the SMS scenarios uses a very specific phone numbers to simulate the successful and rejection notifications status.

The processes for callback, signature and any other requirement specified previously still apply just like it would when using production token.

Scenario Number Notes
Sent 900000000 This scenario simulates a successful sms notification
Rejected 9xxxxxxxx In case of the use of any other number this scenario would cover it and always respond with processor error 4000

Status Codes

Payments

Wiza Payments API uses the following status codes:

Code Meaning
9000 Unknown Error / Erro Desconhecido
4004 Transaction Expired / Transacção Expirada
4003 Processor Unavailable / Processador Indisponível
4000 Processor Error / Erro no Processador
3006 Amount lower than minimum limit / Valor abaixo do liminte minimo
3005 Invalid PIN / PIN Inválido
3004 Invalid Confirmation / Confirmação Inválida
3003 Request Timed out / Tempo Expirado
3002 Rejected by the customer / Rejeitado pelo cliente
3001 Insufficient funds / Saldo insuficiente
3000 Invalid or disabled account / Conta inválida ou desactivada
2000 Successful / Sucesso

SMS

Wiza SMS API uses the following status codes:

Code Meaning
9000 Unknown Error / Erro Desconhecido
5001 Processor Unavailable / Processador Indisponível
5000 Processor Error / Erro no Processador
MESSAGE_CONTENT_FIELD_IS_REQUIRED The field content is missing
MESSAGE_NUMBERS_FIELD_IS_REQUIRED The field numbers is missing
MESSAGE_NUMBERS_FIELD_MUST_BE_ARRAY The field numbers has to be of a an array eg: ["912123123", "921123123"]
NOT_ENOUGH_CREDITS Insufficient credits / Créditos Insuficientes
REQUESTED Request submmited and waiting response / Pedido feito e a aguardar resposta
SUCCESS Successful / Sucesso