Postback

When a user completes an offer or survey, we send a postback. This is how we tell your server that one of your users has successfully completed an offer. You can then use the information to reward your users.
You can customize the postback link to include all the parameters you need to reward your users. To achieve this, you'll need to customize your postback URL with the desired parameters.

Our server will make a HTTP POST request to your server including all of the following parameters.

Parameter Description Example
subId Unique user identifier, passed by publisher. revlum1
transId Transaction ID. Use this to prevent double booking REV-351
offerName Name of the completed offer. Revlum - Sign up and Earn
reward User reward in app currency. You can configure it in the currency settings. 25.0
reward_name The name of your in app currency. Coins
payout Complete payment in USD, paid to the publisher. 0.100000
userIp The user's IP address who completed the action. 192.168.1.1
country The country the user took the offer from as ISO2 Code. US
status Determines whether to add or subtract the amount of the reward. "1" is when the virtual currency should be added to the user and "2" when it should be subtracted. 1 (valid) / 2 (chargeback)
debug Check if it’s a test or a live postback call. 1 (test) / 0 (live)
signature MD5 hash that can be used to verify that the call has been made from our servers. 17b4e2a70d6efe9796dd4c5507a9f9ab

Notice

"reward" and "payout" parameters are always absolute values, you will need to check status parameter to see if you need to add or subtract that amount from your users.

S2S Postback Security

In order to make postbacks safe, you should verify the signature received in the postback. This is an important feature for you to make sure that the postback, which you use as a base to reward your users, is coming from Revlum and is not fake. By checking the hash, you can be sure that the postback was actually sent by us and that it is legit.
Signature parameter should match MD5 of subId transactionId reward secret key. You can find your secret key in My Websites section.

The formula to be checked is as follows:

<?php
   $secret = ""; // Get your secret key from Revlum
 
   $subId = isset($_REQUEST['subId']) ? $_REQUEST['subId'] : null;
   $transId = isset($_REQUEST['transId']) ? $_REQUEST['transId'] : null;
   $reward = isset($_REQUEST['reward']) ? $_REQUEST['reward'] : null;
   $signature = isset($_REQUEST['signature']) ? $_REQUEST['signature'] : null;
 
   // Validate Signature
   if(md5($subId.$transId.$reward.$secret) != $signature)
   {
    echo "ERROR: Signature doesn't match";
    return;
   }
 ?>

Our servers wait for a response for a maximum time of 60 seconds before the timeout. In this case, postback will be marked as failed. Please, check if the transaction ID sent to you was already entered in your database, this will prevent to give twice the same amount of virtual currency to the user.


Whitelist our IP

We will be sending postbacks from any of the following IP addresses. Please make sure they are whitelisted if needed to be in your server.

209.159.156.198

Postback Response

Our servers will expect your website to respond with "ok". If your postback doesn't return "ok" as response, postback will be marked as failed (even if postback was successfully called) and you will be able to resend it manually from our website.

Developers

Integrate offerwall now.

Documentation
Image Description

Brands

Acquire users at scale.

Launch campaign
Image Description