Step 4: Rewarding Strategy

To ensure that users receive their virtual currency or premium service after successfully completing an offer or payment, you must create an endpoint on your server that we can request to notify you of the user reward. Once you receive the notification, it is up to you to deliver that reward to the user.


Our system expects an HTTP 200 response to indicate that you have successfully processed the callback. All other HTTP response codes indicate a failure.
For more information on setting up your endpoint, refer to the advanced configuration section on implementing a server-side callback.

For more details on Reward Handling, click here

Callback Structure and Behavior

Fyber calls your endpoint with an HTTP GET request. When we request your endpoint, we add in several parameters.

Added Automatically



The ID of the user to be credited.



The request signature, which you should verify to ensure the request's authenticity.

The sid is computed as a SHA1 hash of the request parameters:
sid = sha1(security_token + user_id + amount + _trans_id_ + pub0 + pub1 + pub2 + …)



The amount of virtual currency the user should be credited.



The name of the virtual currency being rewarded as it appears in the Fyber dashboard.



The id of the virtual currency being rewarded as it appears in the Fyber dashboard.


only if configured in the dashboard

The unique transaction ID in the form of a UUID (“Universally Unique Identifier”). Use this to check whether the transaction has already been processed in your system.

pub0 - pub9

only if added in the API request

It is possible to add custom parameters (called pub0, pub1, ... , pub9) to your API request for offers. These parameters are passed back, completely unchanged, in the reward callback.

Best Practice Check

To ensure the security of your reward callbacks, we recommend that you calculate the sid parameter and compare it to the parameter sent in the callback. This allows you to verify that the callback came from us.

Configure Your Endpoint in the Fyber Dashboard

Once you have configured your endpoint, you can configure that endpoint in the Callback URL under Reward Handling in Settings tab of the Fyber Dashboard.

Fyber automatically adds in the parameters necessary for you to deliver the reward, so you'll only need to configure the endpoint itself.

Adding the Transaction ID

It is possible to uniquely identify every callback sent to your system with Fyber's Transaction ID.

Checking the Transaction ID is a simple way to ensure that you never incorrectly reward a user twice. We recommend storing all transaction ids on your system and comparing your known list to the id sent in each reward callback.

Security token is generated for you to use when calculating the sid parameter. You may choose to change this token at any time.


The Security token you find in the dashboard should never be placed in your client-side integration. This token that should be kept secret between your servers and ours. Ensure that there is no possible way that any of your users can access it.

If you feel your token may have been compromised, you may change it in the dashboard and then update your server-side configurations with the new token.

You can add this parameter by including ?_trans_id_= at the end of your Callback URL in the dashboard. If you already have some parameters as part of your URL, you can include the transaction id instead by including ?parameter=value&_trans_id_=.

Best Practice Check

Due to the universally unique nature of the Transaction ID, adding the ID to your callback ensures that the sid parameter is also universally unique. Using these parameters together, you can add in additional security to make sure that users can not fraud your system into providing unearned rewards.

You have successfully set up Offer Wall via REST API.

Back to Top ⇧