Build financial
products for
Africa, with Sogo
One REST API for gift card trading, crypto-to-cash payouts, RMB purchases, and bill payments across Nigeria and Ghana. Production-ready infrastructure your users can depend on.
POST https://api.sogo.africa/v1/crypto/deposit-address Authorization: Bearer sogo_sk_live_•••••••••••••••• Content-Type: application/json Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000 { "asset": "usdt", "network": "trc20" }
200 OK 87ms { "message": "Deposit address retrieved successfully.", "data": { "asset": "usdt", "network": "trc20", "address": "TQn9Y2khEsLJW...", "destination_tag": null, "is_active": true } }
Every Sogo service, available via API
One integration. Four powerful financial product categories ready for production.
Let users sell 50+ gift card brands for instant Naira or Cedis
Give your users access to a real-time gift card marketplace. We accept 50+ brands including Amazon, Apple/iTunes, Google Play, Steam, Sephora, Razer Gold and more: physical cards, e-codes, and digital receipts. Payouts reach Nigerian bank accounts or Ghanaian mobile money within minutes.
Convert crypto to Naira, settled to any bank instantly
Accept BTC, ETH, USDT, USDC and more from your users and convert them to Naira at live market rates. Settlement goes directly to registered bank accounts, with webhook-driven status updates at every step.
Buy Chinese Yuan (RMB) with Naira at competitive rates
Enable your users to fund international suppliers and settle cross-border trade payments in Renminbi. Access live ₦/CNY rates, place purchase orders programmatically, and get real-time confirmation on every FX transaction.
Pay bills across Nigeria - airtime, data, electricity and more
One unified API covers airtime, mobile data, electricity, cable TV, internet, betting wallet funding, exam fees, and eSIM across all major Nigerian providers. Every category returns an identical response shape - one integration handles them all.
From zero to live in four steps
Designed for velocity. Test in sandbox before any real money moves.
Create an account
Sign up at app.sogo.africa and complete KYC verification to unlock live Partner API access and your developer dashboard.
Generate API keys
Create key pairs from your profile's Developer tab. Scope each key to only the permissions your integration needs and optionally restrict by IP address.
Build in sandbox
Use sogo_sk_test_ keys against sandbox.sogo.africa. Full API parity with live. No real money moves until you switch environments.
Go live
Swap to your sogo_sk_live_ keys and point to api.sogo.africa. Your users are transacting in real Naira within seconds.
Reliable infrastructure
you can depend on
Every feature is engineered to withstand real-world traffic. Security, idempotency, and observability are first-class, not afterthoughts.
HMAC-SHA256 signed webhooks
Every delivery carries an X-Sogo-Signature-256 header. Verify with a constant-time comparison to guarantee payloads are authentic and untampered.
Idempotency built in
Send an Idempotency-Key on every write. Once a transaction is created under a key, that key can never produce a new one, no matter how many times you retry.
HTTPS enforcement
Every API request must be made over HTTPS. Plain HTTP requests are not supported to guarantee that your data is encrypted in transit and never exposed.
Exponential retry backoff
Failed webhook deliveries are retried up to 5 times on a progressive schedule (1 min, 5 min, 30 min, 2 hrs) before being marked permanently failed.
IP allowlisting
Restrict API key usage to specific IP addresses or CIDR ranges. Lock down live keys to your server IPs for defence in depth against credential compromise.
// 1. Verify the signature before anything else $body = file_get_contents('php://input'); $secret = getenv('SOGO_WEBHOOK_SECRET'); $expected = 'sha256=' . hash_hmac('sha256', $body, $secret); $received = $_SERVER['HTTP_X_SOGO_SIGNATURE_256'] ?? ''; if (!hash_equals($expected, $received)) { http_response_code(401); exit; } // 2. Respond 200 immediately, then process async http_response_code(200); echo json_encode(['received' => true]); flush(); // 3. Handle the event $event = json_decode($body, true); match ($event['event']) { 'transaction.completed' => onCompleted($event['data']), 'transaction.failed' => onFailed($event['data']), default => null, };
// 1. Verify signature const crypto = require('crypto'); const body = req.rawBody; const secret = process.env.SOGO_WEBHOOK_SECRET; const expected = 'sha256=' + crypto.createHmac('sha256', secret).update(body).digest('hex'); const received = req.headers['x-sogo-signature-256'] ?? ''; if (!crypto.timingSafeEqual( Buffer.from(expected), Buffer.from(received) )) { res.status(401).end(); return; } // 2. Respond immediately, then process res.status(200).json({ received: true }); const event = JSON.parse(body); switch (event.event) { case 'transaction.completed': onCompleted(event.data); break; case 'transaction.failed': onFailed(event.data); break; }
Everything a production integration needs
Every edge case handled from day one, so you can focus on building your product.
Real-time webhooks
Push events for every transaction state change. Subscribe per endpoint. Never poll for status again.
Idempotency protection
Every write accepts an Idempotency-Key. Safe to retry on network failure without fear of double charges.
Sandbox environment
Full API parity with live. Test every edge case, error path, and webhook without touching real money.
Scoped API keys
Grant exactly the permissions each integration needs. Public keys for read-only; secret keys for writes.
Structured error codes
Every failure returns a machine-readable code, a human message, and a doc_url straight to the relevant reference entry.
Interactive API reference
Explore every endpoint, fire live requests, and inspect real responses in our built-in reference. No Postman needed.
Ready to start building?
Get your API keys in under two minutes. The full sandbox is available immediately, no approval needed to start testing.