Orange Money - SandPay

Orange Money — Webpay (web redirect payment flow).

Covered countries

Country	Code	Currency
Côte d’Ivoire	CI	XOF

Additional Orange markets (Senegal, Mali, Burkina Faso…) are on the post-launch roadmap.

Type	URL
Dev portal	developer.orange.com
OAuth token	`https://api.orange.com/oauth/v3/token`
Webpay	`https://api.orange.com/orange-money-webpay/dev/v1/webpayment`
USSD client	`*144#`

Enter these in Settings → Stores → Orange:

Field	Type	Description
`client_id`	text	OAuth client ID for your Orange Developer application.
`client_secret`	password	Associated OAuth secret.
`merchant_key`	text	Merchant key provided by Orange after Webpay activation.

OAuth client_credentials: Orange requires a grant_type=client_credentials flow with an application/x-www-form-urlencoded body (not JSON). SandPay handles this via the shared oauthClientCredentials helper.
Authentication combines Basic auth (client_id:client_secret in base64) on the token endpoint, then Bearer on Webpay calls.
Webpay response: pay_token (string) and payment_url (string). SandPay stores pay_token as provider_tx_id.
Webpay is a redirect-based flow: SandPay simulates this journey — the user would normally be redirected to payment_url to enter their PIN.
Return callbacks (return_url, cancel_url, notif_url) point to sandpay.dev/orange/* on the sandbox side.
The lang: "fr" field is forced for francophone markets.