This section describes the webhook events that are sent to your backend systems triggered by specific trade/trader events.

👍
Setting up the webhook URL with Coinify:
In order to receive webhook events, you must provide Coinify with a webhook URL where the callbacks will be sent to, as well as a secret (UUID format) that will be used to sign the webhook payloads. The secret should be shared via secure channels. If you prefer, the secret can be generated on Coinify’s side and then shared with you.

❗️
Important:
Validating the webhook signatures is a necessary and crucial part of integration for all API integrated partners. Even as a Trade Widget integrated partner, this implementation is highly recommended, especially if you're a centralised exchange or similar and custody the end-users' funds.
Without receiving and validating a specific callback event, you should not show, change, or deliver any trade related information or value to your end users.
Coinify is not liable for any financial losses that are caused by not validating the webhook signature!
See how to validate webhook signatures here.
For additional security, please see the list of Coinify's IP addresses from which our system sends the callbacks/webhook events here. Coinify will never send callbacks from an IP which is not in this list.

Webhook events perform signed HTTP POST requests about specific events to a URL of your choice.

You can find the list of IP addresses from which Coinify’s system sends webhook events here: IP address list