Wallet Operations
This guide covers the operations you can perform with Maraboo wallets via the API and Business Portal.
Available Operations
Viewing Wallets
Retrieve all wallets associated with your business account.
Endpoint: GET /api-access/purses/wallets
Required Headers:
Authorization: HMAC-SHA256 PUBLIC_KEY:PRIVATE_KEYX-Origin: third-party-apiX-Timestamp: ISO 8601 timestampContent-Type: application/json
javascript
const timestamp = new Date().toISOString();
const response = await fetch('https://gateway.mara.boo/api-access/purses/wallets', {
headers: {
'Authorization': `HMAC-SHA256 ${process.env.MARABOO_PUBLIC_KEY}:${process.env.MARABOO_PRIVATE_KEY}`,
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
});
const wallets = await response.json();
console.log('Wallets:', wallets);python
import os
import requests
from datetime import datetime, timezone
timestamp = datetime.now(timezone.utc).isoformat()
response = requests.get(
'https://gateway.mara.boo/api-access/purses/wallets',
headers={
'Authorization': f'HMAC-SHA256 {os.getenv("MARABOO_PUBLIC_KEY")}:{os.getenv("MARABOO_PRIVATE_KEY")}',
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
)
wallets = response.json()
print('Wallets:', wallets);java
import java.net.http.*;
import java.time.Instant;
String timestamp = Instant.now().toString();
String publicKey = System.getenv("MARABOO_PUBLIC_KEY");
String privateKey = System.getenv("MARABOO_PRIVATE_KEY");
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://gateway.mara.boo/api-access/purses/wallets"))
.header("Authorization", "HMAC-SHA256 " + publicKey + ":" + privateKey)
.header("X-Origin", "third-party-api")
.header("X-Timestamp", timestamp)
.header("Content-Type", "application/json")
.GET()
.build();
HttpResponse<String> response = HttpClient.newHttpClient()
.send(request, HttpResponse.BodyHandlers.ofString());
System.out.println("Wallets: " + response.body());csharp
using System;
using System.Net.Http;
using System.Threading.Tasks;
var timestamp = DateTime.UtcNow.ToString("o");
var publicKey = Environment.GetEnvironmentVariable("MARABOO_PUBLIC_KEY");
var privateKey = Environment.GetEnvironmentVariable("MARABOO_PRIVATE_KEY");
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, "https://gateway.mara.boo/api-access/purses/wallets");
request.Headers.Add("Authorization", $"HMAC-SHA256 {publicKey}:{privateKey}");
request.Headers.Add("X-Origin", "third-party-api");
request.Headers.Add("X-Timestamp", timestamp);
request.Headers.Add("Content-Type", "application/json");
var response = await client.SendAsync(request);
var wallets = await response.Content.ReadAsStringAsync();
Console.WriteLine($"Wallets: {wallets}");go
package main
import (
"fmt"
"net/http"
"os"
"time"
)
func main() {
timestamp := time.Now().UTC().Format(time.RFC3339)
publicKey := os.Getenv("MARABOO_PUBLIC_KEY")
privateKey := os.Getenv("MARABOO_PRIVATE_KEY")
req, _ := http.NewRequest("GET", "https://gateway.mara.boo/api-access/purses/wallets", nil)
req.Header.Set("Authorization", fmt.Sprintf("HMAC-SHA256 %s:%s", publicKey, privateKey))
req.Header.Set("X-Origin", "third-party-api")
req.Header.Set("X-Timestamp", timestamp)
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
fmt.Println("Wallets response:", resp)
}bash
TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")
curl -X GET "https://gateway.mara.boo/api-access/purses/wallets" \
-H "Authorization: HMAC-SHA256 ${MARABOO_PUBLIC_KEY}:${MARABOO_PRIVATE_KEY}" \
-H "X-Origin: third-party-api" \
-H "X-Timestamp: ${TIMESTAMP}" \
-H "Content-Type: application/json"Response:
json
[
{
"id": "b8c5e869-4b10-4419-9657-bdd5d4863336",
"balance": 1500000,
"wallet_name": "xof-2",
"currency": "XOF",
"description": "West African Operations",
"business_id": "1af71b98-c3a6-4a1c-b62b-66aa69542de0",
"user_id": "8f4f7a20-87be-4411-b178-a3528a034744",
"wallet_type": "BankWallet",
"status": "ACTIVE",
"created_at": 1760222314.928337,
"updated_at": 1760222762.347509,
"wallet_reference": "B8C5E8694BXOF"
},
{
"id": "e6107394-d9ca-4f8d-b3a1-2c8f1e5a7b9c",
"balance": 99000,
"wallet_name": "cad-1",
"currency": "CAD",
"description": "Canadian Operations",
"business_id": "1af71b98-c3a6-4a1c-b62b-66aa69542de0",
"user_id": "8f4f7a20-87be-4411-b178-a3528a034744",
"wallet_type": "BankWallet",
"status": "ACTIVE",
"created_at": 1760222456.123456,
"updated_at": 1760222890.654321,
"wallet_reference": "E6107394D9CAD"
}
]Getting a Specific Wallet
Retrieve details for a single wallet by ID.
Endpoint: GET /clients/api/business/wallets/{wallet_id}
javascript
const walletId = 'b8c5e869-4b10-4419-9657-bdd5d4863336';
const timestamp = new Date().toISOString();
const response = await fetch(`https://gateway.mara.boo/clients/api/business/wallets/${walletId}`, {
headers: {
'Authorization': `HMAC-SHA256 ${process.env.MARABOO_PUBLIC_KEY}:${process.env.MARABOO_PRIVATE_KEY}`,
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
});
const wallet = await response.json();
console.log('Wallet:', wallet);python
import os
import requests
from datetime import datetime, timezone
wallet_id = 'b8c5e869-4b10-4419-9657-bdd5d4863336'
timestamp = datetime.now(timezone.utc).isoformat()
response = requests.get(
f'https://gateway.mara.boo/clients/api/business/wallets/{wallet_id}',
headers={
'Authorization': f'HMAC-SHA256 {os.getenv("MARABOO_PUBLIC_KEY")}:{os.getenv("MARABOO_PRIVATE_KEY")}',
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
)
wallet = response.json()
print('Wallet:', wallet)java
import java.net.http.*;
import java.time.Instant;
String walletId = "b8c5e869-4b10-4419-9657-bdd5d4863336";
String timestamp = Instant.now().toString();
String publicKey = System.getenv("MARABOO_PUBLIC_KEY");
String privateKey = System.getenv("MARABOO_PRIVATE_KEY");
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://gateway.mara.boo/clients/api/business/wallets/" + walletId))
.header("Authorization", "HMAC-SHA256 " + publicKey + ":" + privateKey)
.header("X-Origin", "third-party-api")
.header("X-Timestamp", timestamp)
.header("Content-Type", "application/json")
.GET()
.build();
HttpResponse<String> response = HttpClient.newHttpClient()
.send(request, HttpResponse.BodyHandlers.ofString());
System.out.println("Wallet: " + response.body());csharp
using System;
using System.Net.Http;
using System.Threading.Tasks;
var walletId = "b8c5e869-4b10-4419-9657-bdd5d4863336";
var timestamp = DateTime.UtcNow.ToString("o");
var publicKey = Environment.GetEnvironmentVariable("MARABOO_PUBLIC_KEY");
var privateKey = Environment.GetEnvironmentVariable("MARABOO_PRIVATE_KEY");
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get,
$"https://gateway.mara.boo/clients/api/business/wallets/{walletId}");
request.Headers.Add("Authorization", $"HMAC-SHA256 {publicKey}:{privateKey}");
request.Headers.Add("X-Origin", "third-party-api");
request.Headers.Add("X-Timestamp", timestamp);
request.Headers.Add("Content-Type", "application/json");
var response = await client.SendAsync(request);
var wallet = await response.Content.ReadAsStringAsync();
Console.WriteLine($"Wallet: {wallet}");go
package main
import (
"fmt"
"net/http"
"os"
"time"
)
func main() {
walletId := "b8c5e869-4b10-4419-9657-bdd5d4863336"
timestamp := time.Now().UTC().Format(time.RFC3339)
publicKey := os.Getenv("MARABOO_PUBLIC_KEY")
privateKey := os.Getenv("MARABOO_PRIVATE_KEY")
url := fmt.Sprintf("https://gateway.mara.boo/clients/api/business/wallets/%s", walletId)
req, _ := http.NewRequest("GET", url, nil)
req.Header.Set("Authorization", fmt.Sprintf("HMAC-SHA256 %s:%s", publicKey, privateKey))
req.Header.Set("X-Origin", "third-party-api")
req.Header.Set("X-Timestamp", timestamp)
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
fmt.Println("Wallet response:", resp)
}bash
WALLET_ID="b8c5e869-4b10-4419-9657-bdd5d4863336"
TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")
curl -X GET https://gateway.mara.boo/clients/api/business/wallets/${WALLET_ID} \
-H "Authorization: HMAC-SHA256 ${MARABOO_PUBLIC_KEY}:${MARABOO_PRIVATE_KEY}" \
-H "X-Origin: third-party-api" \
-H "X-Timestamp: ${TIMESTAMP}" \
-H "Content-Type: application/json"Response:
json
{
"data": {
"id": "b8c5e869-4b10-4419-9657-bdd5d4863336",
"balance": 1500000,
"wallet_name": "xof-2",
"currency": "XOF",
"description": "West African Operations",
"business_id": "1af71b98-c3a6-4a1c-b62b-66aa69542de0",
"user_id": "8f4f7a20-87be-4411-b178-a3528a034744",
"wallet_type": "BankWallet",
"status": "ACTIVE",
"created_at": 1760222314.928337,
"updated_at": 1760222762.347509,
"wallet_reference": "B8C5E8694BXOF"
},
"success": true,
"message": "Wallet retrieved successfully",
"detail": {}
}Filtering Wallets
Filter wallets by type, currency, or status with pagination and sorting.
Query Parameters:
| Parameter | Type | Description | Default |
|---|---|---|---|
currency | string | Filter by currency code (XOF, CAD, USD) | - |
walletType | string | Filter by wallet type (BankWallet, MobileMoneyWallet) | - |
status | string | Filter by status (ACTIVE, INACTIVE, DISABLED) | - |
page | integer | Page number for pagination | 0 |
size | integer | Number of items per page | 20 |
sort | string | Sort order (e.g., createdAt,desc, wallet_name,asc) | createdAt,desc |
Examples:
javascript
// Get all XOF wallets
const timestamp = new Date().toISOString();
const response = await fetch(
'https://gateway.mara.boo/api-access/purses/wallets?currency=XOF',
{
headers: {
'Authorization': `HMAC-SHA256 ${publicKey}:${privateKey}`,
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
}
);javascript
// Get active XOF bank wallets, sorted by name
const timestamp = new Date().toISOString();
const response = await fetch(
'https://gateway.mara.boo/api-access/purses/wallets?walletType=BankWallet¤cy=XOF&status=ACTIVE&sort=wallet_name,asc',
{
headers: {
'Authorization': `HMAC-SHA256 ${publicKey}:${privateKey}`,
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
}
);javascript
// Get second page with 10 items per page
const timestamp = new Date().toISOString();
const response = await fetch(
'https://gateway.mara.boo/api-access/purses/wallets?page=1&size=10',
{
headers: {
'Authorization': `HMAC-SHA256 ${publicKey}:${privateKey}`,
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
}
);bash
# Get active mobile money wallets, sorted by creation date
TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")
curl -X GET "https://gateway.mara.boo/api-access/purses/wallets?walletType=MobileMoneyWallet&status=ACTIVE&sort=createdAt,desc" \
-H "Authorization: HMAC-SHA256 ${MARABOO_PUBLIC_KEY}:${MARABOO_PRIVATE_KEY}" \
-H "X-Origin: third-party-api" \
-H "X-Timestamp: ${TIMESTAMP}" \
-H "Content-Type: application/json"Sorting Options:
You can sort by any wallet field:
createdAt,desc- Newest first (default)createdAt,asc- Oldest firstwallet_name,asc- Alphabetically by namebalance,desc- Highest balance firstupdated_at,desc- Most recently updated first
Creating Wallets
Wallets are created through the Business Portal, not via API.
To create a wallet:
- Log in to the Business Portal
- Navigate to Balances → Bank Wallet or Balances → Mobile Money
- Click "+ Add Wallet"
- Fill in the wallet details:
- Select currency (XOF, CAD, USD)
- Enter wallet name
- Add optional description
- Click "Add Wallet"
API Creation Not Supported
Wallets cannot be created via API. All wallet creation must be done through the Business Portal.
Updating Wallets
Not Currently Supported
Wallet details (name, description) cannot be edited at this time. If you need to update wallet information, please contact support at support@mara.boo.
Immutable Fields
The following wallet fields cannot be changed after creation:
- Wallet ID
- Currency
- Wallet type (BankWallet or MobileMoneyWallet)
- Business ID
- Created timestamp
- Wallet reference
Note: Balance is managed automatically through transactions, not direct updates.
Wallet Status Management
Not Currently Available
Wallet status management (activating/deactivating/disabling wallets) is not currently available via API or the Business Portal. This feature is planned for future portal releases.
If you need to change a wallet's status, please contact support at support@mara.boo.
Wallet Statuses
Wallets can have the following statuses:
- ACTIVE - Wallet is operational and can process transactions
- INACTIVE - Wallet is temporarily inactive
- DISABLED - Wallet is disabled and cannot be used
Coming Soon
Self-service wallet status management will be added to the Business Portal in a future update, allowing you to activate, deactivate, or disable wallets as needed.
Wallet Transactions
View transaction history for specific wallets using the transactions endpoint with wallet filtering.
Endpoint: GET /clients/transactions/sessions
Query Parameters:
| Parameter | Type | Description | Default |
|---|---|---|---|
wallet | string[] | List of wallet IDs to filter by (can specify multiple) | - |
offset | integer | Starting position for results | 0 |
limit | integer | Number of items to return | 10 |
start_date | string | Filter transactions from this date (YYYY-MM-DD) | - |
end_date | string | Filter transactions until this date (YYYY-MM-DD) | - |
sort | string | Sort order (e.g., createdAt,desc) | createdAt,desc |
javascript
const walletIds = [
'b8c5e869-4b10-4419-9657-bdd5d4863336',
'e6107394-d9ca-4f8d-b3a1-2c8f1e5a7b9c'
];
const timestamp = new Date().toISOString();
// Build query params with all filters
const params = new URLSearchParams();
walletIds.forEach(id => params.append('wallet', id));
params.append('start_date', '2025-07-13');
params.append('end_date', '2025-08-12');
params.append('offset', '0');
params.append('limit', '10');
const response = await fetch(
`https://gateway.mara.boo/clients/transactions/sessions?${params}`,
{
headers: {
'Authorization': `HMAC-SHA256 ${process.env.MARABOO_PUBLIC_KEY}:${process.env.MARABOO_PRIVATE_KEY}`,
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
}
);
const transactions = await response.json();
console.log('Wallet transactions:', transactions);python
import os
import requests
from datetime import datetime, timezone
wallet_ids = [
'b8c5e869-4b10-4419-9657-bdd5d4863336',
'e6107394-d9ca-4f8d-b3a1-2c8f1e5a7b9c'
]
timestamp = datetime.now(timezone.utc).isoformat()
# Build query params with all filters
params = {
'wallet': wallet_ids,
'start_date': '2025-07-13',
'end_date': '2025-08-12',
'offset': 0,
'limit': 10
}
response = requests.get(
'https://gateway.mara.boo/clients/transactions/sessions',
params=params,
headers={
'Authorization': f'HMAC-SHA256 {os.getenv("MARABOO_PUBLIC_KEY")}:{os.getenv("MARABOO_PRIVATE_KEY")}',
'X-Origin': 'third-party-api',
'X-Timestamp': timestamp,
'Content-Type': 'application/json'
}
)
transactions = response.json()
print('Wallet transactions:', transactions)java
import java.net.http.*;
import java.time.Instant;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
String timestamp = Instant.now().toString();
String publicKey = System.getenv("MARABOO_PUBLIC_KEY");
String privateKey = System.getenv("MARABOO_PRIVATE_KEY");
// Build query string with all filters
String walletId1 = "b8c5e869-4b10-4419-9657-bdd5d4863336";
String walletId2 = "e6107394-d9ca-4f8d-b3a1-2c8f1e5a7b9c";
String queryParams = "wallet=" + walletId1 + "&wallet=" + walletId2 +
"&start_date=2025-07-13&end_date=2025-08-12&offset=0&limit=10";
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://gateway.mara.boo/clients/transactions/sessions?" + queryParams))
.header("Authorization", "HMAC-SHA256 " + publicKey + ":" + privateKey)
.header("X-Origin", "third-party-api")
.header("X-Timestamp", timestamp)
.header("Content-Type", "application/json")
.GET()
.build();
HttpResponse<String> response = HttpClient.newHttpClient()
.send(request, HttpResponse.BodyHandlers.ofString());
System.out.println("Wallet transactions: " + response.body());csharp
using System;
using System.Net.Http;
using System.Threading.Tasks;
using System.Web;
var timestamp = DateTime.UtcNow.ToString("o");
var publicKey = Environment.GetEnvironmentVariable("MARABOO_PUBLIC_KEY");
var privateKey = Environment.GetEnvironmentVariable("MARABOO_PRIVATE_KEY");
// Build query string with all filters
var queryParams = HttpUtility.ParseQueryString(string.Empty);
queryParams.Add("wallet", "b8c5e869-4b10-4419-9657-bdd5d4863336");
queryParams.Add("wallet", "e6107394-d9ca-4f8d-b3a1-2c8f1e5a7b9c");
queryParams.Add("start_date", "2025-07-13");
queryParams.Add("end_date", "2025-08-12");
queryParams.Add("offset", "0");
queryParams.Add("limit", "10");
var url = $"https://gateway.mara.boo/clients/transactions/sessions?{queryParams}";
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, url);
request.Headers.Add("Authorization", $"HMAC-SHA256 {publicKey}:{privateKey}");
request.Headers.Add("X-Origin", "third-party-api");
request.Headers.Add("X-Timestamp", timestamp);
request.Headers.Add("Content-Type", "application/json");
var response = await client.SendAsync(request);
var transactions = await response.Content.ReadAsStringAsync();
Console.WriteLine($"Wallet transactions: {transactions}");go
package main
import (
"fmt"
"net/http"
"net/url"
"os"
"time"
)
func main() {
timestamp := time.Now().UTC().Format(time.RFC3339)
publicKey := os.Getenv("MARABOO_PUBLIC_KEY")
privateKey := os.Getenv("MARABOO_PRIVATE_KEY")
// Build query params with all filters
params := url.Values{}
params.Add("wallet", "b8c5e869-4b10-4419-9657-bdd5d4863336")
params.Add("wallet", "e6107394-d9ca-4f8d-b3a1-2c8f1e5a7b9c")
params.Add("start_date", "2025-07-13")
params.Add("end_date", "2025-08-12")
params.Add("offset", "0")
params.Add("limit", "10")
reqUrl := fmt.Sprintf("https://gateway.mara.boo/clients/transactions/sessions?%s", params.Encode())
req, _ := http.NewRequest("GET", reqUrl, nil)
req.Header.Set("Authorization", fmt.Sprintf("HMAC-SHA256 %s:%s", publicKey, privateKey))
req.Header.Set("X-Origin", "third-party-api")
req.Header.Set("X-Timestamp", timestamp)
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
fmt.Println("Wallet transactions:", resp)
}bash
WALLET_ID_1="b8c5e869-4b10-4419-9657-bdd5d4863336"
WALLET_ID_2="e6107394-d9ca-4f8d-b3a1-2c8f1e5a7b9c"
TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")
curl -X GET "https://gateway.mara.boo/clients/transactions/sessions?wallet=${WALLET_ID_1}&wallet=${WALLET_ID_2}&start_date=2025-07-13&end_date=2025-08-12&offset=0&limit=10" \
-H "Authorization: HMAC-SHA256 ${MARABOO_PUBLIC_KEY}:${MARABOO_PRIVATE_KEY}" \
-H "X-Origin: third-party-api" \
-H "X-Timestamp: ${TIMESTAMP}" \
-H "Content-Type: application/json"Multiple Wallet Filtering
You can filter transactions for multiple wallets by providing multiple wallet query parameters. This is useful for viewing transactions across all your wallets or specific wallet groups.
INFO
For detailed information about transaction response structure and additional filtering options, see the Payments Documentation.
Best Practices
1. Cache Wallet Data
Cache wallet information locally to reduce API calls. Consider implementing a cache with a 5-minute TTL (time-to-live) to balance freshness with performance.
2. Handle Wallet Webhooks
Use webhooks to keep your local wallet data up to date. When you receive a wallet.updated event, invalidate your cache and update your local database to ensure data consistency.
3. Organize Wallets by Purpose
Use consistent naming conventions for your wallets to make them easy to identify and manage. Consider formats like:
{purpose}-{currency}-{environment}(e.g., "operations-xof-prod"){department}-{currency}(e.g., "marketing-cad"){project}-{type}(e.g., "projectalpha-bank")
4. Monitor Wallet Health
Set up automated monitoring to:
- Check wallet statuses regularly
- Alert when wallets become INACTIVE or DISABLED
- Notify your team when wallet balances fall below thresholds
- Track unusual balance changes or transaction patterns
Error Handling
Common Errors
404 Not Found
Cause: Wallet ID doesn't exist or doesn't belong to your account
javascript
try {
const wallet = await getWallet(walletId);
} catch (error) {
if (error.status === 404) {
console.error('Wallet not found');
// Handle missing wallet
}
}403 Forbidden
Cause: Missing required headers or insufficient permissions
javascript
// Ensure all required headers are present
const headers = {
'Authorization': `HMAC-SHA256 ${publicKey}:${privateKey}`,
'X-Origin': 'third-party-api',
'X-Timestamp': new Date().toISOString(),
'Content-Type': 'application/json'
};401 Unauthorized
Cause: Invalid API keys or incorrect authentication format
Solution:
- Verify API keys are correct
- Check Authorization header format
- Ensure timestamp is current (within 5 minutes)
Next Steps
Wallets Overview - Learn about wallet concepts
Payments - Process transactions with wallets
Webhooks - Monitor wallet events