Python SDK for the HostPay payments API
Project description
HostPay Python SDK
A small, typed client for the HostPay payments API — wallets, deposits, transfers, payouts, escrow, transaction queries, user/wallet lifecycle management, and webhook verification.
Install
pip install hostpay # once published
# or, from this repo:
pip install ./sdk/python
Requires Python 3.8+ and httpx.
Quickstart
from hostpay import HostPay
client = HostPay(api_key="ak-...", secret_key="sk-...")
# Test Mode? use your test keys — same code, no real money moves.
# 1. Create a user and their wallet
user = client.users.create(
app_user_id="user_123",
name="Alice",
phone_number="+23279000000",
email="alice@example.com",
)
wallet = client.wallets.create(user.id)
# 2. Deposit via mobile money
deposit = client.deposits.mobile_money(wallet_id=wallet.id, amount=100)
# 3. Check the balance (attribute or dict access)
bal = client.wallets.balance(wallet.id)
print(bal.balance, bal["currency"])
# 4. Transfer, pay out, escrow
client.transfers.create(sender_wallet_id=wallet.id, recipient_identifier="bob", amount=20)
client.payouts.mobile_money(wallet_id=wallet.id, amount=5, phone_number="+23279000000")
hold = client.escrow.hold(wallet_id=wallet.id, amount=10)
client.escrow.release(hold.id, recipient_wallet_id="...")
Authentication
Pass your api-key and secret-key once at construction; they're sent on every
request. base_url defaults to production — point it at your staging host for
testing.
Idempotency
Money-moving calls accept idempotency_key — reuse the same key to safely retry
without double-charging:
client.payouts.mobile_money(
wallet_id=w, amount=5, phone_number="+232...", idempotency_key="order-42-payout"
)
Verifying webhooks
Pass the raw request body and headers straight from your web framework:
from hostpay import HostPay, SignatureVerificationError
client = HostPay(api_key="ak-...", secret_key="sk-...")
# e.g. in Flask
@app.post("/webhooks/hostpay")
def hook():
try:
event = client.webhooks.construct_event(
payload=request.get_data(), # raw bytes, not request.json
headers=request.headers,
secret=WEBHOOK_SIGNING_SECRET,
)
except SignatureVerificationError:
return "", 400
if event.event == "deposit.completed":
...
return "", 200
Signatures are HMAC-SHA256 over "<timestamp>.<body>"; deliveries older than
tolerance seconds (default 300) are rejected.
Errors
All errors derive from HostPayError and carry .status_code and .detail:
AuthenticationError (401/403), InvalidRequestError (400/404/422),
RateLimitError (429), APIError (5xx), APIConnectionError,
SignatureVerificationError.
Sandbox testing
In Test Mode, a user's phone number drives deterministic outcomes (see the
Testing guide): +23299000001
completes, +23299000002 fails, +23299000009 stays pending. The same fail
number works for payout recipients.
Typed responses
Core methods are annotated with TypedDict models (hostpay.models): users.*
return UserRead, wallets.create/get return WalletRead, transfers/
payouts return TransactionResponse, and escrow.* returns EscrowResponse.
A type checker (mypy/Pyright) will autocomplete and check keyed access —
user["id"], wallet["balance"]. Ad-hoc responses (wallet balance, the deposit
envelope) stay loosely typed.
At runtime every response is a HostPayObject (a dict), so both resp["field"]
and resp.field work regardless of typing. The model fields mirror the committed
../openapi.json, the source of truth for both SDKs —
regenerate the spec with python wallet-system/scripts/dump_openapi.py.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hostpay-0.2.1.tar.gz.
File metadata
- Download URL: hostpay-0.2.1.tar.gz
- Upload date:
- Size: 9.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2e49585595fc2064ab5deb2f34f634a4b6e99290500faddd60543fb3f99d32b4
|
|
| MD5 |
0087d3edb6034baf3d373b8ac136715c
|
|
| BLAKE2b-256 |
96ada96eae8207c1892c36df24f785416d109753973eed207460fc6486cc5782
|
Provenance
The following attestation bundles were made for hostpay-0.2.1.tar.gz:
Publisher:
publish-python.yml on HOST-SL/hostpay-sdk
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
hostpay-0.2.1.tar.gz -
Subject digest:
2e49585595fc2064ab5deb2f34f634a4b6e99290500faddd60543fb3f99d32b4 - Sigstore transparency entry: 2062909834
- Sigstore integration time:
-
Permalink:
HOST-SL/hostpay-sdk@ad8a29df8ea77aeabc1731c5ad57dcdb7e893893 -
Branch / Tag:
refs/tags/python-v0.2.1 - Owner: https://github.com/HOST-SL
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-python.yml@ad8a29df8ea77aeabc1731c5ad57dcdb7e893893 -
Trigger Event:
push
-
Statement type:
File details
Details for the file hostpay-0.2.1-py3-none-any.whl.
File metadata
- Download URL: hostpay-0.2.1-py3-none-any.whl
- Upload date:
- Size: 11.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9a012ab9e1cab8179f8fcf955edec37ca7989592cce83ea218564616f7578565
|
|
| MD5 |
58763994f828c10b1e00a0c2ca7d0191
|
|
| BLAKE2b-256 |
5e7d68fdd57195d54c4a265fa2f41477e1a75fffc02e9a710d2ffb3af6179eb5
|
Provenance
The following attestation bundles were made for hostpay-0.2.1-py3-none-any.whl:
Publisher:
publish-python.yml on HOST-SL/hostpay-sdk
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
hostpay-0.2.1-py3-none-any.whl -
Subject digest:
9a012ab9e1cab8179f8fcf955edec37ca7989592cce83ea218564616f7578565 - Sigstore transparency entry: 2062909932
- Sigstore integration time:
-
Permalink:
HOST-SL/hostpay-sdk@ad8a29df8ea77aeabc1731c5ad57dcdb7e893893 -
Branch / Tag:
refs/tags/python-v0.2.1 - Owner: https://github.com/HOST-SL
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-python.yml@ad8a29df8ea77aeabc1731c5ad57dcdb7e893893 -
Trigger Event:
push
-
Statement type: