Developers
Webhooks
SMTP Wizard uses webhooks to notify your backend when a payment is confirmed and a license is issued.
Payment webhook (Cryptomus)
When a payment is confirmed, Cryptomus posts to:
POST https://buildmysmtp.com/api/cryptomus/webhook
The webhook is verified using an HMAC signature: md5(base64(body) + apiKey). Never trust a webhook without verifying the sign header.
Webhook payload
{
"status": "paid",
"order_id": "a1b2c3d4e5f6",
"amount": "110",
"currency": "USD",
"payment_amount": "110.00",
"uuid": "cryptomus-payment-uuid"
}Signature verification
# PHP
$sign = md5(base64_encode($rawBody) . $YOUR_API_KEY);
if ($sign !== $_SERVER["HTTP_SIGN"]) {
http_response_code(400);
exit("Bad signature");
}Your webhook URL
The webhook URL is automatically set to https://YOURDOMAIN/api/cryptomus/webhook when you create a payment. No manual configuration needed.
Questions? info@buildmysmtp.com