Conversion
Your server sends POST /v1/conversions with integer minor units, currency, a stable externalId, and an affiliate click or code. Sign timestamp-dot-raw-body with HMAC-SHA256 and send the surface, timestamp, and signature headers.
- Use Unix seconds and a fresh timestamp.
- Sign the exact bytes you send.
- Keep the secret server-side.
- Retry with the same externalId so duplicates remain safe.
Refund
Send POST /v1/conversions/refund with the original externalId, a stable refundId, refunded minor units, and matching currency. Full and partial refunds reverse the corresponding commission on the same ledger.
What this does not do
A signed postback proves the configured server sent the event. It does not validate an unsigned browser claim, replace your order system, or make floating-point currency safe.