KRA — Validate PIN by National ID
Look up a KRA PIN by national ID or company registration number via the live KRA API. Use `"ID"` for individuals or `"COMP"` for companies. Aliases are case-insensitive: `ID`, `KE`, `INDIVIDUAL`, `NATIONAL_ID` all map to individual lookups; `COMP`, `COMPANY`, `CPR` all map to company lookups.
Endpoint
POSThttps://gateway.startappz.co.ke/api/v1/sandbox/kra-validate-pin-by-id
Swap sandbox for live once you have production credentials.
Authentication
Send your credentials as headers:
| Header | Value |
|---|---|
X-API-Key | Your public key |
X-API-Secret | Your secret (shown once at issue time) |
Request parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
taxpayer_type |
String | required | `"ID"` for Kenyan national ID, or `"COMP"` for company CPR. Aliases accepted (case-insensitive): `ID|KE|INDIVIDUAL|NATIONAL_ID` for individuals, `COMP|COMPANY|CPR` for companies. Returns 400 for any other value. |
taxpayer_id |
String | required | The taxpayer identifier: national ID number (8 digits, e.g. `37391109`) for individuals, or company CPR registration number (e.g. `CPR/2014/133700`) for companies. |
Response parameters
All responses follow the standard envelope: { code, message, data }.
| Field | Type | Description |
|---|---|---|
code | String | Internal status code (e.g. 200.001). |
message | String | Human-readable status / error description. |
data | Object | Endpoint-specific payload (fields below). |
data.verified |
Boolean | True when a PIN was found for the supplied identifier. |
data.kra_pin |
String | KRA PIN registered to the identifier. |
data.taxpayer_name |
String | Registered taxpayer name. |
Sandbox masking
By default, sandbox responses mask PII (names, IDs, dates, phone numbers). You can grant unmasked consent per key from your dashboard.