Build on a payroll-secured credit rail.
One REST endpoint to authorize purchases against pre-approved staff credit. Bank-grade security · 1-second responses · Audit-ready logs.
Three endpoints. Production-ready in an afternoon.
- Sign in and generate an API key on the API Keys page.
- Send a
POST /api/v1/authorizefrom your POS with the staff ID and amount. - If approved, print the
authorization_codeon the receipt.
/api/v1. Authenticate with a Bearer token.Base URL: https://altura.e-startupskenya.co.ke
Header: Authorization: Bearer alt_live_xxxxxxxxxxxxxxxxxxxx
Content-Type: application/json{ ok: boolean, data?: ..., error?: { code, message } }.curl -X POST https://altura.e-startupskenya.co.ke/api/v1/authorize \
-H "Authorization: Bearer $ALTURA_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"employee_code": "STAFF-1042",
"amount": 12000,
"installments": 3
}'{
"ok": true,
"data": {
"approved": true,
"authorization_code": "ALT-7K3XQ9",
"transaction_id": "tx_01H...",
"staff_name": "Jane Mwangi",
"amount": 12000,
"installments": 3,
"new_available_balance": 8000,
"next_deduction_date": "2026-05-30"
}
}{
"ok": true,
"data": {
"approved": false,
"reason": "Insufficient available credit",
"available": 4500
}
}| Field | Type | Required | Notes |
|---|---|---|---|
| employee_code | string | Yes | Staff ID as issued by the employer. |
| amount | number | Yes | In KES. Max 10,000,000. |
| installments | integer | No | 1–12. Defaults to 1 (next paycheck). |
curl -X POST https://altura.e-startupskenya.co.ke/api/v1/void \
-H "Authorization: Bearer $ALTURA_API_KEY" \
-H "Content-Type: application/json" \
-d '{ "authorization_code": "ALT-7K3XQ9" }'{
"ok": true,
"data": {
"voided": true,
"authorization_code": "ALT-7K3XQ9",
"amount_restored": 12000
}
}curl "https://altura.e-startupskenya.co.ke/api/v1/transactions?limit=50&status=approved" \
-H "Authorization: Bearer $ALTURA_API_KEY"| Param | Type | Notes |
|---|---|---|
| limit | integer | 1–200. Default 50. |
| from | ISO 8601 | Inclusive lower bound on occurred_at. |
| to | ISO 8601 | Inclusive upper bound on occurred_at. |
| status | enum | pending · approved · settled · declined |
| HTTP | Code | Meaning |
|---|---|---|
| 400 | invalid_input | Body failed validation. |
| 401 | missing_auth / invalid_key | No or invalid Bearer token. |
| 429 | rate_limited | More than 120 requests/min. |
| 500 | authorize_failed / query_failed | Internal error — safe to retry with backoff. |
const res = await fetch("https://altura.e-startupskenya.co.ke/api/v1/authorize", {
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.ALTURA_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({
employee_code: "STAFF-1042",
amount: 12000,
installments: 3,
}),
});
const { ok, data, error } = await res.json();
if (!ok) throw new Error(error.message);
if (data.approved) {
printReceipt({ code: data.authorization_code, name: data.staff_name });
} else {
showDecline(data.reason);
}Two no-code ways to start authorizing today.
Use the Altura POS app on a tablet or phone, or drop the browser extension into your back-office laptop. Both call the same secure API — no developer integration required.
- Installs from the browser — no app store, no review process.
- Full-screen, app-like experience on tablets and phones.
- Auto-updates whenever you publish a new version.
- Offline banner so cashiers know when authorizations can't go through.
On iPhone/iPad, install with Safari → Share → "Add to Home Screen".
- Adds a one-click "Authorize" button to your browser toolbar.
- Choose installments (1, 2, 3, or 6 paychecks).
- Copy the auth code to paste on the receipt.
- API key stored locally — never sent anywhere except Altura.
v1.0.0 · Manifest V3 · ~16 KB · Unpack & load via chrome://extensions
- 1Unzip the downloadExtract altura-pos-extension.zip to a folder you can keep.
- 2Open chrome://extensionsPaste this in your browser address bar and press Enter.
- 3Enable Developer modeToggle the switch in the top-right of the page.
- 4Click Load unpackedSelect the unzipped folder. The Altura icon appears in your toolbar.
Built so the right people get paid at the right time.
Trust isn't a marketing feature — it's the foundation of every Altura transaction. Bank-grade · Payroll-secured · Privacy-first.
Nine controls across the credit lifecycleRepayment is deducted at source from the next salary cycle. The funds are recovered before the employee even receives them — eliminating the entire default spiral.
Every employee has a calculated personal ceiling based on verified salary, tenure, and existing deductions. Spending above the limit is impossible.
Each authorisation is checked in real time against employer policy, available balance, and merchant whitelist. No grey-area approvals.
Only employers with confirmed legal status, payroll capability, and signed deduction authority are onboarded into the network.
Two-factor employee verification at checkout. Time-bound authorisation codes. Every event signed and logged for audit.
Personal salary data never leaves the Altura environment. Retailers see only an authorisation result — never PII.
Every employee sees their limit, balance, deduction date, and amount before they shop. No fees hidden in fine print.
Every authorisation, settlement, and payroll deduction is immutably logged and exportable for HR, finance, and regulators.
Employer or employee can pause access in one click. Limits adjust automatically when employment status changes.
Three commitments that govern every line of code.
We will never extend credit beyond what an employee can comfortably repay from a single salary cycle.
Every party — employer, employee, retailer — sees the full picture. No hidden fees. No silent rate changes.
Encryption in transit and at rest. Role-based access. Continuous security scanning. Independent audits.
Want our security & compliance brief?
We'll share a full architecture overview, controls map, and policy library with your CISO or compliance team.
Request the brief