This section describes the webhook events that are sent to your backend systems triggered by specific trade/trader events.
Important:
Validating the webhook signatures is a necessary and crucial part of integration for all API integrated partners. Even as a Trade Widget integrated partner, this implementation is highly recommended, especially if you're a centralised exchange or similar and custody the end-users' funds.
Without receiving and validating a specific callback event, you should not show, change, or deliver any trade related information or value to your end users.
Coinify is not liable for any financial losses that are caused by not validating the webhook signature!
Webhook events perform signed HTTP POST requests about specific events to a URL of your choice.
You can find the list of IP addresses from which Coinify’s system sends webhook events here: IP address list
Setting up the webhook URL with Coinify:
In order to receive webhook events, you must provide Coinify with a webhook URL where the callbacks will be sent to, as well as a secret (UUID format) that will be used to sign the webhook payloads. The secret should be shared via secure channels. If you prefer, the secret can be generated on Coinify’s side and then shared with you.