KRA — Validate Import Certificate
Validate a KRA Customs import declaration certificate number against the live KRA API.
Endpoint
POSThttps://gateway.startappz.co.ke/api/v1/sandbox/kra-validate-import-cert
Swap sandbox for live once you have production credentials.
Authentication
Send your credentials as headers:
| Header | Value |
|---|---|
X-API-Key | Your public key |
X-API-Secret | Your secret (shown once at issue time) |
Request parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
certificate_no |
String | required | IDF / import declaration certificate number. |
Response parameters
All responses follow the standard envelope: { code, message, data }.
| Field | Type | Description |
|---|---|---|
code | String | Internal status code (e.g. 200.001). |
message | String | Human-readable status / error description. |
data | Object | Endpoint-specific payload (fields below). |
data.valid |
Boolean | True when the certificate is found in the registry. |
data.certificate_no |
String | Echo of the submitted certificate number. |
data.importer_name |
String | Importer business name. |
data.declared_value |
String | Declared CIF value. |
Sandbox masking
By default, sandbox responses mask PII (names, IDs, dates, phone numbers). You can grant unmasked consent per key from your dashboard.