Prerequisites

  • Claude Code installed (npm install -g @anthropic-ai/claude-code)
  • An Anthropic account with API access
  • Your RohoPay project repository

Setup

1. Install Claude Code

npm install -g @anthropic-ai/claude-code
Verify: 
claude --version

2. Add RohoPay Context to CLAUDE.md

Create or update CLAUDE.md in your project root to include RohoPay context: 
# RohoPay Integration

## API Base URL
- Production: https://api.rohopay.com

## Authentication
- All `/api/v1/*` endpoints: `Authorization: Bearer {api_key}`
- Prefix `test_` = sandbox, `live_` = production
- Mutation endpoints REQUIRE `Idempotency-Key: {uuid}` header

## Core Endpoints
- POST /api/v1/collect  — mobile money collection
- POST /api/v1/disburse — mobile money disbursement (live only)
- GET  /api/v1/transactions/:ref — check status
- GET  /api/v1/wallet/balance — wallet balance
- POST /api/v1/checkout — card payment (Visa/MC, api_key in body)

## Webhook Verification
- All webhooks: HMAC-SHA256 in `X-RohoPay-Signature` header
- Secret from env: ROHOPAY_WEBHOOK_SECRET

## Phone Format
- International format without +: 256XXXXXXXXX (Uganda), 254XXXXXXXXX (Kenya)
- Pattern: ^(256|254|255|250)[0-9]{7,12}$

## Transaction Statuses
- pending → successful | failed (terminal)

## Digital Products
- POST /api/v2/digital/products — create product (session auth)
- POST /api/v2/digital/links — create payment link (session auth)
- GET  /api/v2/public/checkout/:slug — public checkout page data (no auth)
- POST /api/v2/public/checkout/:slug/pay — process payment (rate limited)
- GET  /api/v2/public/checkout/:slug/order/:id — poll order status

## Test Cards
- Visa success: 4111 1111 1111 1111
- Visa decline: 4000 0000 0000 0002
- MC success:   5500 0000 0000 0004
- MC decline:   5200 8282 8210 0001

## Test Mobile Numbers (test_ key only)
- Success: 011177777(0-9) or 256700000000
- Failed:  011177799(0-9)
- Pending: 011177778(0-9)

## Available Skills
- /rohopay-collect    — mobile money collection handler
- /rohopay-webhook    — webhook handler with HMAC verification
- /rohopay-card       — card payment 3D Secure flow
- /rohopay-errors     — error code reference
- /rohopay-digital    — digital products and payment links

## Application Structure
- apps/api — Go backend (Gin) — payment API
- apps/admin — Next.js merchant dashboard
- apps/web — Next.js marketing site
- apps/digital — Next.js digital checkout

3. Start Claude Code

cd your-project
claude
Claude will automatically read CLAUDE.md and have full context about your RohoPay integration.

Using Claude for RohoPay Tasks

Generate a Collection Handler

> Write a TypeScript function that collects a mobile money payment
> and polls until it resolves, with proper error handling
Claude will generate code using the correct endpoint, headers, and idempotency patterns.

Debug a Webhook

> My webhook isn't receiving events. Here's my handler: [paste code]
Claude will check the signature verification, response timing, and content-type handling.

Review Integration

> Review my RohoPay integration in src/payments/ for correctness and security

Generate Tests

> Write Jest tests for my RohoPay webhook handler covering:
> - successful payment
> - failed payment  
> - invalid signature
> - missing idempotency key

Project-Level Settings (.claude/settings.json)

Add RohoPay-specific allowed commands to avoid permission prompts: 
{
  "permissions": {
    "allow": [
      "Bash(curl:*)",
      "Bash(go test:*)",
      "Bash(pnpm test:*)"
    ]
  },
  "env": {
    "ROHOPAY_API_KEY": "test_xxx",
    "ROHOPAY_WEBHOOK_SECRET": "your-secret"
  }
}

Claude Code Skills

Install the skills to get quick-access slash commands: 
# After installing skills (see /ai-setup/skills)
/rohopay-collect mobile money collection handler
/rohopay-webhook webhook handler with HMAC verification
/rohopay-card card payment 3D Secure flow
/rohopay-errors error code reference
/rohopay-digital digital products and payment links

Troubleshooting

Make sure CLAUDE.md is in the root of your working directory when you start claude. Claude Code reads CLAUDE.md automatically at startup.
Add this to your CLAUDE.md: “Always use international format for East African phone numbers: remove leading 0, add country code (256 for Uganda, 254 for Kenya).”
Emphasize in CLAUDE.md: “The /api/v1/checkout endpoint takes api_key in the REQUEST BODY, not in the Authorization header. All other /api/v1/* endpoints use Authorization: Bearer header.”