HTTP-notifications

  1. Cryptonator's Help Center
  2. Merchant account
  3. Notifications

HTTP-notifications come in handy if you want to receive instant payment notification (IPN) and instantly identify every incoming payment.

You can set default URL for these callbacks in your account, section MERCHANT, tab Advanced Settings. There you can also test whether your URL is capable of receiving such notifications.

HTTP-notifications format

Cryptonator sends HTTP-notification every time when payment status changes. It is a HTTP request to the URL specified in the account settings, in the following format:

  • POST method.
  • Key/value pairs for each notification parameter, packed as HTTP 2 / 1.1 POST request parameters.
  • MIME type: application/x-www-form-urlencoded.
  • UTF-8 encoding.

Cryptonator makes five attempts to deliver the notification: immediately, one minute later, then 5 minutes later, 30 minutes later and after one hour. Notification is considered received when we get the 200 OK response code from your server. 

Though you can receive notifications over plain HTTP, we recommend using encrypted HTTPS. In this case please make sure that your SSL/TLS certificate is valid and properly signed, otherwise notifications will fail. You can get free SSL/TLS certificate on https://letsencrypt.org/

Response parameter name

Type and Values

Description

merchant_id

<UUID>

Merchant ID

invoice_id

<UUID>

Invoice ID

invoice_created

<timestamp>

Creation timestamp UTC

invoice_expires

<timestamp>

Expiration timestamp UTC

invoice_amount

<decimal>

Invoice amount

invoice_currency

<string>

Invoice currency

invoice_status

<string>

 

unpaid
confirming
paid
cancelled
mispaid

Invoice status

invoice_url

<string>

URL of the hosted payment page

order_id

<string>

Your ID for this order

checkout_address

<string>

Cryptocyrrency payment address

checkout_amount

<decimal>

Amount due in cryptocurrency

checkout_currency

<string>

Checkout cryptocurrency

date_time

<timestamp>

Timestamp update, UTC

secret_hash

<string>

Verification hash

 

secret_hash = sha1(string&secret)

 

Response example

merchant_id=0dd0cf6fd32308b34c6e8b9cb578251f&invoice_id=baf37c414289a5a07095990e536ca958&invoice_created=1457641674&invoice_expires=1457642874&invoice_amount=0.07000000&invoice_currency=usd&invoice_status=unpaid&invoice_url=https://www.cryptonator.com/merchant/invoice/baf37c414289a5a07095990e536ca95&order_id=00001&checkout_address=D5atzDQ6Dipp2cp7Z4tHDLHBTAWHCH4F9D&checkout_amount=292.14880000&checkout_currency=dogecoin&date_time=1457641674&secret_hash=96557e2334cf656287417fe0c85e4581e6815dfc

 

How no compute and check the secret_hash value

A secret_hash contains the SHA-1 hash function value from packing ALL notification parameters together with your secret.

secret_hash = sha1(string&secret)

To check the integrity and authenticity of the received notification, compute the hash using the algorithm below. Compare the obtained data with the value of the secret_hash parameter in the received notification.

String format

merchant_id&invoice_id&invoice_created&invoice_expires&invoice_amount&invoice_currency&invoice_status&invoice_url&order_id&checkout_address&checkout_amount&checkout_currency&date_time&secret

String example

0dd0cf6fd32308b34c6e8b9cb578251f&baf37c414289a5a07095990e536ca958&1457641674&1457642874&0.07000000&usd&unpaid&https://www.cryptonator.com/merchant/invoice/baf37c414289a5a07095990e536ca95&00001&D5atzDQ6Dipp2cp7Z4tHDLHBTAWHCH4F9D&292.14880000&dogecoin&1457641674&334cf656287417fe0c85e4

Should one of the received notification parameters contain no value, simply insert & into the string.

Always check the value of the secret_hash parameter. This is necessary to verify the integrity of the notification data and to make sure that the notification was indeed sent by Cryptonator.