All endpoints on this page require a valid bearer token. See Authentication for how to obtain one.
Authorization : Bearer YOUR_TOKEN
List bookings Return a paginated list of all bookings belonging to the authenticated user, ordered newest first.
Response 200 OK Array of booking summary objects. Unique booking identifier used in other endpoints.
Payment transaction reference.
Numeric status code (see table below).
Human-readable status, e.g. "Confirmed".
Total travellers across all age groups.
Total amount paid in USD.
Cover image URL, or null.
Booking creation timestamp.
Pagination metadata: current_page, last_page, total.
Booking status codes Code Label 0Pending Payment 1Confirmed 2Completed 3Cancelled 4Refunded 5Processing
{ "data" : [ { "uid" : "bk_a1b2c3d4" , "trx_id" : "TRX20240601001" , "status" : 1 , "status_label" : "Confirmed" , "date" : "2024-08-15" , "time_slot" : "06:00" , "total_persons" : 2 , "total_adult" : 2 , "total_children" : 0 , "total_infant" : 0 , "total_price" : 900.00 , "package" : { "title" : "Serengeti Safari Adventure" , "slug" : "serengeti-safari-adventure" , "cover" : "https://tripfy.africa/assets/upload/packages/serengeti.jpg" }, "created_at" : "2024-06-01 10:23:45" } ], "meta" : { "current_page" : 1 , "last_page" : 1 , "total" : 1 } }
curl https://tripfy.africa/api/v1/bookings \ -H "Authorization: Bearer YOUR_TOKEN"
Booking detail Return full details for a single booking. The booking must belong to the authenticated user.
GET /api/v1/bookings/{uid}
Path parameter The booking’s unique identifier, e.g. bk_a1b2c3d4.
Response 200 OK Includes all summary fields plus the following detail fields:
Show additional detail fields
Traveller details submitted for adults at checkout.
Traveller details submitted for children at checkout.
Traveller details submitted for infants at checkout.
Assigned guide’s full name, or null.
Assigned guide’s phone number, or null.
{ "data" : { "uid" : "bk_a1b2c3d4" , "status" : 1 , "status_label" : "Confirmed" , "date" : "2024-08-15" , "time_slot" : "06:00" , "total_persons" : 2 , "total_adult" : 2 , "total_children" : 0 , "total_infant" : 0 , "total_price" : 900.00 , "adult_info" : [{ "name" : "Amina Hassan" , "passport" : "AB123456" }], "child_info" : [], "infant_info" : [], "guide" : "James Oduya" , "guide_phone" : "+255712345678" , "package" : { "title" : "Serengeti Safari Adventure" , "slug" : "serengeti-safari-adventure" , "cover" : "https://tripfy.africa/assets/upload/packages/serengeti.jpg" }, "created_at" : "2024-06-01 10:23:45" } }
curl https://tripfy.africa/api/v1/bookings/bk_a1b2c3d4 \ -H "Authorization: Bearer YOUR_TOKEN"
Cancel a booking Cancel a booking that is in Pending Payment (status 0) or Confirmed (status 1) state. Completed, already-cancelled, refunded, or processing bookings cannot be cancelled through this endpoint.
POST /api/v1/bookings/{uid}/cancel
Path parameter The booking UID to cancel.
Response 200 OK { "message" : "Booking cancelled successfully." }
If the booking is not in a cancellable state the API returns 422 Unprocessable Entity with { "message": "This booking cannot be cancelled in its current status." }.
curl -X POST https://tripfy.africa/api/v1/bookings/bk_a1b2c3d4/cancel \ -H "Authorization: Bearer YOUR_TOKEN"
Get profile Return the full profile of the authenticated user, including vendor information and active subscription plan details.
Response 200 OK Country dialling code, or null.
Primary address line, or null.
Secondary address line, or null.
Profile image URL, or null.
Whether the account has guide/vendor privileges.
KYC verification status code.
Present when is_vendor is true. Present when the user has an active subscription. Subscription expiry date.
Account creation date (YYYY-MM-DD).
{ "data" : { "id" : 42 , "firstname" : "Amina" , "lastname" : "Hassan" , "email" : "[email protected] " , "phone" : "+255712345678" , "phone_code" : "+255" , "address_one" : "123 Kenyatta Road" , "address_two" : null , "image" : "https://tripfy.africa/assets/upload/users/amina.jpg" , "is_vendor" : false , "kyc_status" : 1 , "vendor_info" : null , "active_plan" : null , "created_at" : "2024-06-01" } }
curl https://tripfy.africa/api/v1/user/profile \ -H "Authorization: Bearer YOUR_TOKEN"
Update profile Update one or more editable profile fields. Only the fields you include in the request body are changed — omitted fields are left unchanged.
Request parameters First name. Maximum 100 characters.
Last name. Maximum 100 characters.
Phone number. Maximum 20 characters. Pass null to clear.
Primary address line. Maximum 255 characters. Pass null to clear.
Secondary address line. Maximum 255 characters. Pass null to clear.
Response 200 OK "Profile updated successfully."
The updated profile object (same shape as get profile).
{ "message" : "Profile updated successfully." , "data" : { "id" : 42 , "firstname" : "Amina" , "lastname" : "Rashid" , "phone" : "+255798765432" } }
curl -X PUT https://tripfy.africa/api/v1/user/profile \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Content-Type: application/json" \ -d '{"lastname": "Rashid", "phone": "+255798765432"}'
Change password Update the authenticated user’s password. All existing tokens are revoked after a successful change, forcing re-authentication on all devices.
PUT /api/v1/user/password
Request parameters The user’s current password.
The new password. Must be at least 8 characters and contain mixed case and at least one number.
Must match password exactly.
Response 200 OK { "message" : "Password changed successfully. Please log in again." }
All tokens are revoked on a successful password change. Your current token will no longer work — you must call /auth/login to get a new one.
curl -X PUT https://tripfy.africa/api/v1/user/password \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "current_password": "OldPass1", "password": "NewSecurePass2", "password_confirmation": "NewSecurePass2" }'
User statistics Return a summary of the authenticated user’s booking activity. Useful for building a dashboard home screen.
Response 200 OK Total bookings across all statuses.
Bookings awaiting payment (status 0).
Confirmed bookings (status 1).
Completed bookings (status 2).
Cancelled bookings (status 3).
Sum of total_price for confirmed and completed bookings, in USD.
Present when the user has an active subscription plan. { "data" : { "total_bookings" : 7 , "pending_bookings" : 1 , "confirmed_bookings" : 3 , "completed_bookings" : 2 , "cancelled_bookings" : 1 , "total_spent" : 2250.00 , "active_plan" : null } }
curl https://tripfy.africa/api/v1/user/stats \ -H "Authorization: Bearer YOUR_TOKEN"
Payment webhooks Payment gateways send IPN (Instant Payment Notification) callbacks to the following endpoint. This endpoint is public — it is called by external providers, not by your app.
POST /api/payment/{gateway}/{transaction}/{type} GET /api/payment/{gateway}/{transaction}/{type}
This endpoint is for payment gateway use only. You do not need to call it from your integration. Implement webhook verification logic inside PaymentController::gatewayIpn to validate the incoming payload signature.
Path parameters Payment gateway code, e.g. stripe, flutterwave.
Transaction reference from the gateway. Optional depending on gateway.
Callback type from the gateway (e.g. ipn, return, cancel). Optional.
