Keabank

For developers

Callback URL

The Callback URL is the endpoint where the system will send POST requests to notify the merchant about the status of a transaction.

Callback Endpoint Example

POST https://example.com/api/v1/callbacks

Request Details

Header name
callback-signature
Description
HMAC-SHA256 signature for request validation. Generated by encrypting request body using
integrationId
as an encryption key.
Example value
"K/VdzcGK46JCQdGYMt7BH8T4YGoSrR/OhCP2osaVEPI="

HMAC Signature Generation

The callback-signature is generated using the HMAC-SHA256 algorithm. It ensures the authenticity of the request.

Algorithm Steps:

  1. Concatenate the integrationId and the request body.
  2. Use the HMAC-SHA256 algorithm with the integrationId as the secret key to hash the concatenated string.
  3. Base64-encode the resulting hash.
  4. Compare result with client’s signature

Example Callback Request

POST Request:
POST https://example.com/api/v1/callbacks
Content-Type: “application/json”
callback-signature: "K/VdzcGK46JCQdGYMt7BH8T4YGoSrR/OhCP2osaVEPI="
Body:
{
  "operationId": "some_order_id",
  "amount": 1.000000000000000000,
  "currency": "USDT_TRC20",
  "status": "COMPLETED",
  "comment": "some_payment_purpose",
  "transactionHash": "baa621e1a072c1735da651accf7a1962cfc843eb144607d9ff396dd57997fdc2"
}