{"_id":"58b6201ebf591419003139d1","category":{"_id":"56e9fe9779708c0e002b6026","pages":["56e9fea046ea9b0e001ddda0","56e9fecacda7120e00b5b13c","56ea01757e21ac0e00131024","56ea0a0679708c0e002b6031","56ea0b117e21ac0e0013102f","56ea13b0cf35bf0e00adb8df","56eb33659b984b29002136a8","56eb341d9b984b29002136ae","56eb342f3d6fdb3200a72302"],"version":"55909cb433090f0d004d25d8","__v":9,"project":"558b53f749dc4f0d00517de0","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2016-03-17T00:47:19.023Z","from_sync":false,"order":9,"slug":"beta","title":"Wallet Management"},"project":"558b53f749dc4f0d00517de0","__v":0,"parentDoc":null,"githubsync":"","user":"54eb883f4f94620d00789aaa","version":{"_id":"55909cb433090f0d004d25d8","project":"558b53f749dc4f0d00517de0","forked_from":"558b53f749dc4f0d00517de3","__v":8,"createdAt":"2015-06-29T01:17:40.214Z","releaseDate":"2015-06-29T01:17:40.214Z","categories":["55909cb433090f0d004d25d9","55909cb433090f0d004d25da","55909cb433090f0d004d25db","55909cb433090f0d004d25dc","56c72c00197f9f1700c811db","56c72df5b3625c0d00422c9e","56e1b646150ed52d0062c652","56e9fe9779708c0e002b6026","57312dc94245100e001743f4","57646a570742400e00c04701","5894c96f4d9c7e27002e42ba"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"2.0.0","version":"2"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2017-03-01T01:13:02.359Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":6,"body":"We provide a series of HTTP callbacks that allow you to notify users when funds have been deposited and when they become available.\n\n###When callbacks are sent\nCallbacks are sent whenever a transactional event occurs that will affect the wallet's balance. Examples include:\n* Incoming pending transaction\n* Pending transaction confirmed\n* Outgoing transaction\nYou may receive two callbacks for a single transaction. This is especially true for transactions on the blockchain. In these cases, you would receive one callback when the transaction is first observed and one callback once the transaction is confirmed.\n\n###Callback Acceptance and Retries\nYour system should respond to the callback request with a 200 response. We only attempt to send the request once, but we may introduce automatic retries in the future. We can manually resend callbacks upon request.\n\n###Payload\nThe callback payload will be a JSON representation of the transaction that has caused the callback to trigger. An example of such a transaction can be found below:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"{\\n            \\\"id\\\": \\\"4vofvbjjvo4g5cn03ibcosja5mks3o22opskgmicdh\\\",\\n            \\\"source\\\": \\\"bitcoin:EXTERNAL\\\",\\n            \\\"dest\\\": \\\"wallet:2ef8mls9v9ovvqimiv2jmn0d33nf30dt\\\",\\n            \\\"currency\\\": \\\"LTC\\\",\\n            \\\"amount\\\": 0.0001,\\n            \\\"status\\\": \\\"CONFIRMED\\\",\\n            \\\"createdAt\\\": 1436996049910,\\n            \\\"confirmedAt\\\": 1436996049910,\\n            \\\"invalidatedAt\\\": null,\\n            \\\"message\\\": \\\"One Banana nut muffin please!\\\",\\n            \\\"equivalencies\\\": {\\n                \\\"EUR\\\": 0.03,\\n                \\\"BRL\\\": 0.1,\\n                \\\"AUD\\\": 0.04,\\n                \\\"USD\\\": 0.03,\\n                \\\"GBP\\\": 0.02\\n            },\\n            \\\"senderId\\\": null,\\n            \\\"senderProvidedId\\\": null,\\n            \\\"reversedBy\\\": null,\\n            \\\"relatedTx\\\": null,\\n            \\\"blockchainTx\\\": null,\\n            \\\"rates\\\": null,\\n            \\\"sourceName\\\": \\\"EXTERNAL\\\",\\n            \\\"sourceIcon\\\": null,\\n            \\\"destName\\\": \\\"muffinTop:::at:::sendwyre.com\\\",\\n            \\\"destIcon\\\": null\\n        }\",\n      \"language\": \"json\"\n    }\n  ]\n}\n[/block]\n\n###Security Signature\nIn order to prevent callback spoofing, we provide a signature with the callback passed back through the HTTP header X-API-Signature.\n\nThis signature is a SHA256 HMAC signature of the JSON body signed with the merchant's secret key. To the right you can find example implementations of the signature.\n\nNote: It's important to verify the signature in the callback, otherwise it is possible for the request to be spoofed by an external attacker.","excerpt":"","slug":"callbacks-1","type":"basic","title":"Callbacks"}
We provide a series of HTTP callbacks that allow you to notify users when funds have been deposited and when they become available. ###When callbacks are sent Callbacks are sent whenever a transactional event occurs that will affect the wallet's balance. Examples include: * Incoming pending transaction * Pending transaction confirmed * Outgoing transaction You may receive two callbacks for a single transaction. This is especially true for transactions on the blockchain. In these cases, you would receive one callback when the transaction is first observed and one callback once the transaction is confirmed. ###Callback Acceptance and Retries Your system should respond to the callback request with a 200 response. We only attempt to send the request once, but we may introduce automatic retries in the future. We can manually resend callbacks upon request. ###Payload The callback payload will be a JSON representation of the transaction that has caused the callback to trigger. An example of such a transaction can be found below: [block:code] { "codes": [ { "code": "{\n \"id\": \"4vofvbjjvo4g5cn03ibcosja5mks3o22opskgmicdh\",\n \"source\": \"bitcoin:EXTERNAL\",\n \"dest\": \"wallet:2ef8mls9v9ovvqimiv2jmn0d33nf30dt\",\n \"currency\": \"LTC\",\n \"amount\": 0.0001,\n \"status\": \"CONFIRMED\",\n \"createdAt\": 1436996049910,\n \"confirmedAt\": 1436996049910,\n \"invalidatedAt\": null,\n \"message\": \"One Banana nut muffin please!\",\n \"equivalencies\": {\n \"EUR\": 0.03,\n \"BRL\": 0.1,\n \"AUD\": 0.04,\n \"USD\": 0.03,\n \"GBP\": 0.02\n },\n \"senderId\": null,\n \"senderProvidedId\": null,\n \"reversedBy\": null,\n \"relatedTx\": null,\n \"blockchainTx\": null,\n \"rates\": null,\n \"sourceName\": \"EXTERNAL\",\n \"sourceIcon\": null,\n \"destName\": \"[email protected]\",\n \"destIcon\": null\n }", "language": "json" } ] } [/block] ###Security Signature In order to prevent callback spoofing, we provide a signature with the callback passed back through the HTTP header X-API-Signature. This signature is a SHA256 HMAC signature of the JSON body signed with the merchant's secret key. To the right you can find example implementations of the signature. Note: It's important to verify the signature in the callback, otherwise it is possible for the request to be spoofed by an external attacker.