1. Webhooks
Arcanum Pay
  • Arcanum API
    • Getting Started
      • Documentation Overview
      • Request Authorization
    • API Reference V1
      • Create Deposit
      • Create Withdrawal
      • Get Deposit Status
      • Get Withdrawal Status
      • Get Merchant Balance
    • Webhooks
      • Callback Verification
      • Callback Payload
    • Schemas
      • DepositResponseDto
      • UserDataDto
      • CreateDepositDto
      • WithdrawalResponseDto
      • CreateWithdrawalDto
      • StatusResponseDto
      • MerchantBalanceDto
      • MerchantBalancesResponseDto
  1. Webhooks

Callback Verification

Verifying Callback Signatures#

When the system sends a callback to your callbackUrl, the request body includes a signature field. You should verify it to ensure the callback is authentic.

Callback Payload for example#

{
  "operationId": "uuid",
  "operationType": "deposit",
  "status": 1,
  "amount": "100.00",
  "currency": "USDT",
  "paymentMethod": "card",
  "merchantOperationId": "order-001",
  "signature": "hex-string"
}

Callback Signature Verification#

The callback signature is computed as HMAC-SHA256 over the JSON-stringified payload (all fields except signature, keys sorted alphabetically).
Modified at 2026-05-28 13:57:30
Previous
Get Merchant Balance
Next
Callback Payload
Built with