Attribloom
All terms

Links

Server-to-server postback

A server-to-server postback is a signed HTTP request your backend sends to an attribution platform when a conversion happens, instead of relying on a browser pixel. It is tamper-resistant and works where cookies do not.

Client-side pixels can be blocked, duplicated, or spoofed. A postback moves the report to your server, where you can sign it and control exactly what is sent.

Attribloom accepts postbacks signed with HMAC over the timestamp and raw body, with a per-surface secret. That makes each conversion authenticated, replay-protected, and attributable from any platform, including custom stores and website builders.

Frequently asked

How do I secure a postback?

Sign the timestamp and raw request body with a shared secret using HMAC-SHA256, send the signature in a header, and have the receiver verify it before accepting the conversion.

Related

Learn more

Get startedSee pricingSee integrations