🔹 Fetch Users – Fetch institution members 🔹 Store User – Create individual institution members programmatically 🔹 Update User – Update existing institution member information 🔹 Upload Users – Bulk upload institution members via CSV/Excel files for processing 🔹 Request Loan Offers – Get loan offers with interest rates, fees, and repayment terms for members 🔹 Request Loans – Submit loan requests on behalf of institution members 🔹 Perform Loan Action – Accept, cancel, or reject counter-offers on loan requests for members 🔹 Receive Webhooks – Get real-time notifications about loan events (approved, rejected, disbursed, counter-offers) 🔹 Fetch Banks – Fetch list of supported banks

​
Why Use Direct Savings External API?

🔹 Fast & Reliable – Optimized for speed and uptime. 🔹 Developer-Friendly – RESTful architecture with intuitive endpoints. 🔹 Secure – HMAC signature-based authentication for secure access.

​
Authentication & Security

All endpoints require HMAC signature authentication via the Authorization header. The authentication uses HMAC (Hash-based Message Authentication Code) to sign requests. You must generate a signature using your secret key and include it in the Authorization header along with your public key in the format: public_key:signature.

​
Authentication Process

  1. Generate HMAC Signature: Create an HMAC signature by creating an HMAC hash of the request body (JSON stringified) using your secret key
  2. Format Authorization Header: Combine your public key and signature in the format: public_key:signature
  3. Send Request: Include the formatted value in the Authorization header

​
Example

Authorization: pub_abc123xyz:abc123def456ghi789...
Where:
  • pub_abc123xyz is your provided public key
  • abc123def456ghi789... is the HMAC signature generated using your secret key
Contact your account manager to obtain your public key and secret key for generating signatures.

​
Error Handling

The API uses standard HTTP status codes:
  • 200 OK: Request successful
  • 400 Bad Request: Invalid request parameters or validation errors
  • 401 Unauthorized: Invalid or missing authentication credentials
  • 404 Not Found: Requested resource not found
  • 422 Unprocessable Entity: Request is well-formed but cannot be processed
  • 500 Internal Server Error: Server error
All error responses include a message describing the issue.

​
Webhooks

The Direct Savings API supports webhooks to notify your application of important loan events in real-time. When configured, you’ll receive POST requests to your specified endpoint whenever loan statuses change.

​
Supported Events

  • loan.approved - Loan application has been approved
  • loan.rejected - Loan application has been rejected
  • loan.disbursed - Loan funds have been disbursed to the borrower
  • loan.counter - A counter-offer has been made on the loan application

​
Webhook Payload

All webhook payloads include:
  • event: The event type
  • data: Event-specific loan information including loan ID, amount, status, and other relevant details
For complete webhook documentation including payload examples and security details, see the Webhooks API Reference.