Configuring Webhooks

Developers can follow the below guide to learn how to listen to webhooks:

  1. Open Webhook Settings
    Go to the Coinflow Admin Dashboard → Developers → Webhooks

  2. Add a new Webhook URL

  3. Generate a Webhook Validation Key

  4. Configure Webhook Settings
    Select Latest Webhook Version > Select all events to listen to > Save.

  5. Add an Endpoint on Your Server
    Create a POST route to receive events from Coinflow.

    router.post('/coinflow-webhook', async (req, res) => {
    try {
    const { data } = req.body;
    const authHeader = req.get('Authorization'); //Ensure the Authorization matches your Validation Key to validate that this request is coming from Coinflow
    if (authHeader !== process.env.COINFLOW_VALIDATION_KEY) {
    throw new ControllerError('User not allowed', 401);
    }
    console.log(`Event: ${data}`);
    handleEvent(); // Add your custom logic here
    res.sendStatus(200);
    } catch (e) {
    handleError(res, e);
    }
    });

Automatic Retries

If a webhook fails Coinflow will retry sending the webhook until your server returns a 200 OK. Your server must respond within 5 seconds, or the request times out and is retried.

Retries use exponential backoff, with the wait time roughly doubling after each failed attempt. Coinflow makes up to 16 attempts (one initial delivery plus 15 retries):

RetryWait after previous failed attempt
1~1 second
2~3 seconds
3~7 seconds
4~15 seconds
5~31 seconds
6~1 minute
7~2 minutes
8~4 minutes
9~8 minutes
10~17 minutes
11~34 minutes
12~1 hour
13~2 hours
14~4.5 hours
15~9 hours

If every attempt fails, Coinflow stops retrying after approximately 18 hours. You can resend webhooks from the Merchant Dashboard or through the Coinflow API.