Server-to-Server Payouts
Once a user meets the campaign criteria for rewards, it's time to initiate the payout—sending the rewards to the user. Publishers issue these payouts upon receiving a payout request callback from adjoe's backend. The request is made to the S2S API URL
configured for the publisher for their SDK in the Publisher Dashboard.
Set Up Server-to-Server (S2S) Payouts
To enable S2S payouts, set up an endpoint on your server to receive notifications about user rewards from adjoe. When a request is made to your endpoint, you then must manage the distribution of these rewards to the users. Be aware that once a reward is distributed, it cannot be allocated again.
Endpoint Structure
The key names can be customized, or you can use the default names. Please ensure that no special characters should be included in the values, otherwise our backend may transform the request, which could cause issues with the payout. Some of these values include: []
.
=
Default
GET
/ https://example.com/example?sid={sid}&trans_uuid={trans_uuid}&user_uuid={user_uuid}¤cy={currency}&coin_amount={coin_amount}&device_id={device_id}&sdk_app_id={sdk_app_id}&app_id={app_id}&reward_level={reward_level}&app_name={app_name}&reward_type={reward_type}&publisher_sub_id1={publisher_sub_id1}&publisher_sub_id2={publisher_sub_id2}&publisher_sub_id3={publisher_sub_id3}&publisher_sub_id4={publisher_sub_id4}&publisher_sub_id5={publisher_sub_id5}&placement={placement}&ua_network={ua_network}&ua_channel={ua_channel}&ua_subpublisher_encrypted={ua_subpublisher_encrypted}&ua_subpublisher_cleartext={ua_subpublisher_cleartext}
Customized (Example)
GET
/ https://example.com/example?user_id={user_uuid}&sid={sid}&point_amount={coin_amount}&points={currency}&trans_uuid={trans_uuid}&ua_network={ua_network}&ua_channel={ua_channel}&playtime_placement={placement}&custom_id={publisher_sub_id1}
To achieve successful payouts, the user user_uuid
must match the value set as the user_id in the redirect URL. More details can be found in Supported URL Parameters.
Parameter | Detail | Format | Type |
---|---|---|---|
| Identifies the user eligible for rewards. This ID must align with the one provided during SDK initialization. |
| Required |
| The request signature, used to verify request authenticity. Requires a token, which will be shared with you by your Account Manager. Detailed setup instructions below. |
| Required |
| The unique transaction ID. |
| Required |
| The amount of virtual currency the user should get. |
| Required |
| The name of the virtual currency. |
| Required |
| App ID of the SDK. Example: |
| Optional |
| App ID that is used to generate usage. |
| Optional |
| Optional external device ID. |
| Optional |
| URL encoded app name in English |
| Optional |
| The name of the reward level of the game. |
| Optional |
| The type of reward given. Example: Advance, Playtime, AdvancePlus, AdvancePlusWeb, CoinStreakBonus, Event. |
| Optional |
| The network from which the user was acquired, e.g., adwords, facebook, organic. |
| Optional |
| The channel of the campaign in the network that led to the user's acquisition, e.g., incent, video. |
| Optional |
| The encrypted package name or app id of the sub-publisher app within the network from which the user was acquired. |
| Optional |
| The cleartext package name of app id of the sub publisher app in the network where the user was acquired, e.g., |
| Optional |
| The placement of Playtime inside your app, e.g., |
| Optional |
| Category of the App that user played. Example: Board, Casino, Casual, Entertainment, Puzzle, Other |
| Optional |
| The name of the milestone/event that user completed to receive this reward. Event-based campaigns (Advance+) only. |
| Optional |
| The description of the milestone/event that user completed to receive this reward. Event-based campaigns (Advance+) only. |
| Optional |
| Value set in the extension object to be returned in the S2S payout URL. |
| Optional |
| Value set in the extension object to be returned in the S2S payout URL. |
| Optional |
| Value set in the extension object to be returned in the S2S payout URL. |
| Optional |
| Value set in the extension object to be returned in the S2S payout URL. |
| Optional |
| Value set in the extension object to be returned in the S2S payout URL. |
| Optional |
Calculate the SID
For security measures, a request signature is necessary to verify the authenticity of the request. It's important to calculate the sid
parameter in your backend and compare it with the parameter received in the callback URL. The sid
is generated as an SHA1 hash using the required query parameters and the encoding is hexadecimal. Your Account Manager will provide you with the necessary parameter, the s2s_token
. The general format for this is as follows - no other parameters are included in the calculation:
If sdk_app_id
and/or device_id
are not present in the endpoint URL, they will be excluded from the sid
calculation. The sid
will then be calculated as follows:
Below is an example script that shows how to calculate the sid
and compare it to the value in the callback URL sent by adjoe. You would implement some version of this in your backend.
S2S Security
When we make payout request to publishers, we send an HTTP request from any of the following IP addresses:
To enhance security, use these IP addresses for IP-level blocking on endpoints receiving adjoe's S2S payout requests. Allow only these specific IPs access.
Retry Logic
If we receive a 4xx / 5xx from your endpoint, we have an established retry logic for the failed S2S requests.
For Playtime Campaigns
If a request fails, we retry after 10 minutes. A second failure prompts a retry in another 10 minutes. Subsequent failures lead to retries every 2 hours from the initial failed attempt. The time windows are additional, so it's roughly 12hrs in total.
For Advance and Advance+ Campaigns
If a request fails, we retry five more times, with each attempt spaced 30 seconds apart.
If you observe an extended period of unsuccessful requests, contact your Account Manager for further investigation into the issue.
Best Practices for Rewarding Users
If you payout with real money, we recommend that you implement KYC processes, reward cooldowns, and individual limits on the amount of rewards the user can get:
KYC or Know Your Customer: This verification process, used by businesses and financial institutions, confirms the identity of your users to prevent fraud. It involves collecting and verifying identification documents, such as government-issued IDs or proof of address, ensuring that users are who they claim to be.
Reward Cooldowns: Temporarily restrict users from receiving additional rewards after receiving one. This helps maintain fairness and prevents exploitation of the rewards system, like receiving rewards too frequently.
Individual Limits: To prevent abuse of the rewards systems, set daily limits on the amount of rewards a user can earn. For example, you might cap rewards at $50 USD per day.
Last updated