Experience a seamless journey towards setting up your own Postback as we walk you through each step, providing comprehensive guidance along the way.

Quick Info : When a user successfully completes an offer, we immediately trigger a call to the Postback URL you have provided in your placement. This call contains all the relevant information required to credit your users, serving as a real-time notification to your server.

Postback Parameters



This is the unique identifier code of the user who completed action on your platform.



The amount of your virtual currency to be credited to your user.



The Name of the offer completed.

Lords Mobile


Boolean: true for a multi-event offer, false otherwise.



Name of the event action that got conversion

Lords Mobile Castle level 7


ID of the event action that got conversion



For determining the reward amount, completed status adds currency while rejected status subtracts it..



ID of the offer as displayed on the AdBreak Media dashboard



IP address of the user that completed the offer


Amount in USD that you earned for this conversion



Unique ID of the conversion generated by AdBreak Media



Country (ISO2 form) from the lead comes.



SHA256 hash that can be used to verify that the call has been made from our servers.



Extra Param that you passed though offerwall



Extra Param that you passed though offerwall


REWARD_VALUE and PAYOUT parameters are always absolute values, you will need to check status parameter to see if you need to add or subtract that amount from your users.

All values are URL encoded.


This is how we call your postback url :

Without Values


With Values


Note :

Our servers expect an HTTP Status Code 200 from your Postback URL. If this response is not received from your URL, we will attempt to resend the Postback up to 5 times. There is a 1 hour delay between each attempt. After 5th attempt, you will receive a Postback failure email from us. Please be aware that the message returned by your postback endpoint should not include error messages such as fail or error. Otherwise, it will be considered a postback failure.


For enhanced security and to prevent tampering, please ensure that the postback URL used is exclusively designated for AdBreak Media. Additionally, consider whitelisting the server IP for added protection.

You should also verify the hash received in the Postback to ensure that the call comes from our servers. Hash parameter should match SHA256 of :


To obtain your publisher secret key, please navigate to the dashboard settings/secret credentials section. Make sure to use this key for your postback verification purposes.

    function calculateSHA256Hash($data) {
        return hash('sha256', $data);

    $serverIPs = [""];
    $serverIP = $_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"] ?? "No Need";

    if (!in_array($serverIP, $serverIPs)) {
        exit("Access Denied");

    $user = $_GET['user'];
    $offerId = $_GET['offerId'];
    $txid = $_GET['txid'];
    $received_hash = $_GET['hash'];

    $secret = '4bd91dc2fd97f2d2ecad9425019c179ffd26c5a866e991192ea8c43bf79e0a63';
    $calculated_hash = calculateSHA256Hash($user . $offerId . $txid . $secret);

    if ($received_hash === $calculated_hash) {
        // Your actions here
        echo "Approved";
    } else {
        echo "Unauthorized";

If you encounter any difficulties while setting up the postback, please don't hesitate to reach out to us at publishers@adbreakmedia.com. Our team will be more than happy to assist you as soon as possible!

Last updated