Merchant Callbacks Reference

Firstly, see the Quick Start for easy instructions and pseudo-code showing how to properly verify and consume callbacks.

Authentication and Integrity

Authentication: you must verify the requests come with expected authorization header. See the Quick Start for details.

Integrity: fields that are marked “untrusted” come through the user browser and must be verified against your database. The values must match. If they don’t then user tampered with them. You must compare both total and currency with your database.

Expected response from your app

Your app should return HTTP status code 200 OK to confirm reception of the callback, even if you recognized user tampering and won’t ship. Your app should return other relevant status codes if request isn’t properly authenticated (most likely a misconfiguration) or request is malformed (for example, JSON body doesn’t parse).

Callback: payment completed successfully

The payment has been successfully settled and you can ship the order.

This is the only callback you need to support in your app.

Request URL:

POST payment_completed_notification_url

…where payment_completed_notification_url represents full URL you set in the config file.

Request headers:

Authorization: Bearer <cypherpunkpay_to_merchant_auth_token>

Request body (example):

{
  "untrusted": {
    "merchant_order_id": "whatever you rendered in the checkout form",
    "total": "12.34",
    "currency": "usd"
  },
  
  "status": "completed",    
  "cc_total": "0.000998",
  "cc_currency": "btc"
}

All fields are technically strings, including the amounts to facilitate precise decimals.

All fields are guaranteed present.

Callback: payment failed

You do not necessarily need to handle this callback. The minimal merchant integration only needs the happy-path callback.

The payment has been cancelled or expired. Both user and merchant can manually cancel the payment. Expiration happens when user failed to initiate the payment within default 20 minutes OR the full amount failed to sufficiently confirm within default 48 hours.

Both cancelled and expired are final states, except when the merchant manually changes payment status in CypherpunkPay admin panel.

Request URL:

POST payment_failed_notification_url

…where payment_failed_notification_url represents full URL you set in the config file.

Request headers:

Authorization: Bearer <cypherpunkpay_to_merchant_auth_token>

Request body (example):

{
  "untrusted": {
    "merchant_order_id": "whatever you rendered in the checkout form",
    "total": "12.34",
    "currency": "usd"
  },
  
  "status": "cancelled"
}

All fields are technically strings, including the amounts to facilitate precise decimals.

The merchant_order_id, total, currency and status fields are guaranteed present.

The status value will be either cancelled or expired.