Comment on page
Callbacks

To receive order status transition updates in a "push" manner you might consider using callbacks.
Setup callback
In order to receive you firstly need to specify the endpoint where you expect a callback to come.
Use add setting endpoint to specify the:
callback url [required] - use callback.url setting name
callback secret [optional] - use callback.secret setting name
If callback.secret is set up a special header will be passed along with every callback request:
X-Payload-Digest
The value of it is a HmacSHA1 signature of the callback's body created using the callback secret provided by the user.
Ip of callback sender: 
3.64.51.60
Callback
The callback is executed as a POST request to the callback.url endpoint provided by the user.
If provided endpoint for some reason (bad status code, timeout, etc) can't handle callback it will be retried multiple times.
POST {callback.url}
​
Content-Type: application/json
X-Payload-Digest: {signature}
​
{
    "amount": 100.0,
    "balanceAfterPayment": 534.71672,
    "clientOrderId": null,
    "comment": null,
    "createdAt": "2022-01-18T10:16:00.577807Z",
    "currency": "USDT",
    "externalId": "externalId",
    "id": "PMT-18162cf8-ea1c-4210-ab6b-e73286b923df",
    "method": "CRYPTOCOIN",
    "orderId": "ORD-81b84975-4487-43f4-a8ab-57a95ee4e695",
    "orderType": "PAYIN",
    "payUrl": null,
    "payinBankAccount": null,
    "payoutCardNumber": null,
    "payoutCryptoAddress": null,
    "reason": null,
    "status": "SUCCESS",
    "transactionType": "DEBIT",
    "transferTo": null
}
Python code callback verification example
import hashlib
import hmac
import binascii
​
SECRET = 'secret_value' #value set in cabinet callback settings
​
def verifySignature(callback_raw_response, callback_headers):
    callback_signature = callback_headers['X-Payload-Digest']
    dig = hmac.new(bytes(SECRET , 'utf-8'), bytes(callback_raw_response , 'utf-8'), hashlib.sha1).digest()
    signature = binascii.hexlify(dig).decode()
    return callback_signature == signature
​
callback_raw_response = '{"field":"value"}' # use raw unformatted response body
callback_headers = {"X-Payload-Digest": "7e36242a10fd65cbaacd7ff288df9fd3f9e75a46"} # header from response
​
print(verifySignature(callback_raw_response, callback_headers))
User
Crypto Acquiring
Last modified 6mo ago