Callback are sent to merchant's server when the customer's payment already paid or when transaction status changed. These callbacks indicates merchant to update payment status or take suitable actions.

Configuring Callback

Nusagate Callback can be configured by configuring Callback URL from Settings on Dashboard. Follows the steps given below :

1. Login to your Nusagate Account

2. On the Dashboard, go to Settings > Developers > Callback

3. Enter your Callback URL

Setup Callback

You need to provide an endpoint in your system to receive callback from us. The callback notification will be sent over POST request to your callback URL that you have set. Setup your callback URL in Callback settings. You can use a tool like ngrok to make your endpoint available for receiving callback during testing. You need to give response of callback must be like this, so your callback will be given status COMPLETED but if not your callback will be given status INVALID

{
    "message" : "OK"
}

Callback Invoice Payload

Request :

HTTP Method : POST

Header : x-callback-token : CALLBACK_TOKEN

Payload :

{
  "id": "f34809aa-3c18-4651-bd27-3450e00a71b8",
  "slug": "INV-220111871-UMDQNB",
  "email": "invoiceapi@hore.com",
  "price": 1000000,
  "paidAt": "2022-01-11T09:56:07+07:00",
  "status": "COMPLETED",
  "dueDate": "2021-10-29T03:26:07.255Z",
  "createdAt": "2022-01-11T09:54:07+07:00",
  "updatedAt": "2022-01-20T14:35:34+07:00",
  "externalId": null,
  "completedAt": "2022-01-11T09:58:07+07:00",
  "description": "...",
  "payCurrency": "ETH",
  "paymentLink": "https://checkout.nusagate.com/?id=f34809aa-3c18-4651-bd27-3450e00a71b8",
  "phoneNumber": "628437282123",
  "baseCurrency": "IDR"
}

Callback Transfer Payload

Request :

HTTP Method : POST

Header : x-callback-token : CALLBACK_TOKEN

Payload :

{
  "id": "EXAMPLE_TRANSFER_CALLBACK",
  "externalId": "EXAMPLE_TRANSFER_CALLBACK",
  "slug": "MT-220928615-EXAMPLE",
  "status": "CONFIRMED",
  "amount": 21,
  "fee": 1,
  "receivedAmount": 20,
  "confirmedAt": "2022-09-28T09:03:16.374Z",
  "currencyCode": "USDT_TRC20",
  "paymentType": "BALANCE",
  "createdAt": "2022-09-28T09:02:04.550Z",
  "updatedAt": "2022-09-28T09:03:16.385Z"
}

Security

Keeping your endpoints secure is critical to protecting your customers' information. Nusagate provides several ways for you to verify events are coming from Nusagate in a secure manner.

1. Receive events with an HTTPS server

If you use an HTTPS URL for your callback endpoint, Nusagate will validate that the connection to your server is secure before sending your callback data. For this to work, your server must be correctly configured to support HTTPS with a valid server certificate.

2. Verify events are sent from Nusagate

Nusagate can optionally sign the callback events it sends to your endpoints. We do so by including a token in each event's x-callback-token header. This allows you to verify that the events were sent by Nusagate, not by a third party.

Delivery Attempts and Retries

Understand how to view delivery attempts and retry logic when callback events aren't acknowledged

View events

When viewing information about a specific event through the Dashboard's Callback tab, you can check how many times Nusagate attempted to send an event to the endpoint. This shows the latest response from your endpoint, a list of all attempted callback, and the respective HTTP status codes Nusagate received.

Retry logic

Nusagate attempts to deliver your callback six times with exponential backoff between each interval and will stop retrying until we have received response from your server or there is still no response yet