Getting Started

Welcome to the Offerwall PRO documentation. Bellow you will find all required informations to integrate our offerwall into your website in just few minutes.

Before integrating our offerwall, make sure you're registered on our website, account is required to use any of our tools.

Add your Website

To be able to integrate our offerwall, first you have to add your website. Once you have added your website you will have an API KEY and a SECRET KEY, that you will need to integrate our offerwall.

To register your website into our service, please follow these steps:

  1. Login to your Offerwall PRO account.
  2. You should now see the Add Website button at sidebar. Click this button to add your first website.
  3. Set your Website Name, Domain Name and application type (platform) and proceed to next step.
  4. Set your Currency Name in plural form (e.g. Points, Tokens, Coins...), Currency Round (the number of decimals your currency can have, up to 2 decimals) and Exchange Rate (how many of your website currency units will a user earn for every 1 USD that we will pay you).
  5. Set your Postback URL. Whenever a user completes an offer, we will make a call to this URL by sending all the information needed to help you to credit the virtual currency to your users.
  6. Done! You have add your website, one of our team members will review it and once it is approved you will receive an email in the meantime you can continue with the integration process. You will find more informatons about postback integration in next chapters of this documentation.

Integrate Offerwall

Our Offerwall enables users to benefit from incentives and rewards thanks to segmented, automatically translated ads. Our offerwall will adapt to any screen and will show offers to your users.

Before being able to integrate our offerwall, you must register your website first. Once you have registered your website you will have an API KEY and a SECRET KEY, that you will need in the following steps.

  1. Click on My Websites button on sidebar.
  2. From your websites list, you can get your API and Secret keys, anyway if you click Edit button on any of your websites you will be able to get your full integration code of the offerwall.

    From your website overview, you can get the offerwall code by clicking on Get Offerwall Code button. You just need to copy the code on your website.

Offerwall Code

<iframe style="width:100%;height:800px;border:0;padding:0;margin:0;" scrolling="yes" 
frameborder="0" src="[API_KEY]/[USER_ID]"></iframe>

Replace [API_KEY] with your website api key and [USER_ID] by the unique identifier code of the user of your site who is viewing the wall.

Parameter Description Value
[API_KEY] Unique API Code provided when you registered your website varchar(32)
[USER_ID] Unique identifier code of the user of your site varchar(32)

Postback Notifications

Whenever a user complete an offer, we will make a call to the Postback URL that you indicated in your app attaching all the information that you will need to credit your users.

Our server will make a HTTP POST request to your server including all of the following parameters.

Parameter Description Example
subId This is the unique identifier code of the user who completed action on your platform. user123
transId Unique identification code of the transaction made by your user. XX-12345678
reward The amount of your virtual currency to be credited to your user. 1.25
reward_name The name of your currency set when you registered your website. Points
payout The offer payout in USD 0.100000
userIp The user's IP address who completed the action.
country Country (ISO2 form) from the lead comes. US
status Determines whether to add or subtract the amount of the reward. "1" is when the virtual currency should be added to the user and "2" when it should be subtracted. This may be because the advertiser has canceled the user's transaction, either because he/she committed fraud or because it has been a mistake entering the data needed to complete the campaign. 1 (valid) / 2 (chargeback)
debug Check if is a test or a live postback call. 1 (test) / 0 (live)
signature MD5 hash that can be used to verify that the call has been made from our servers. 17b4e2a70d6efe9796dd4c5507a9f9ab

"reward" and "payout" parameters are always absolute values, you will need to check status parameter to see if you need to add or subtract that amount from your users.

Postback Security

You should verify the signature received in the postback to ensure that the call comes from our servers.
Signature parameter should match MD5 of subId transactionId reward secret key. You can find your Secret Key of your website in My Websites section.

The formula to be checked is as follows:

  $secret = ""; // Get your secret key from Offerwall PRO

  $subId = isset($_REQUEST['subId']) ? $_REQUEST['subId'] : null;
  $transId = isset($_REQUEST['transId']) ? $_REQUEST['transId'] : null;
  $reward = isset($_REQUEST['reward']) ? $_REQUEST['reward'] : null;
  $signature = isset($_REQUEST['signature']) ? $_REQUEST['signature'] : null;

  // Validate Signature
  if(md5($subId.$transId.$reward.$secret) != $signature)
   echo "ERROR: Signature doesn't match";

Our servers wait for a response for a maximum time of 60 seconds before the timeout. In this case, postback will be marked as failed. Please, check if the transaction ID sent to you was already entered in your database, this will prevent to give twice the same amount of virtual currency to the user.

IPs to whitelist

We will be sending the postbacks from any of the following IP addresses. Please make sure they are whitelisted if needed to be in your server.

Respond to Postback

Our servers will expect your website to respond with "ok". If your postback doesn't return "ok" as response, postback will be marked as failed (even if postback was successfully called) and you will be able to resend it manually from our website.

Postback Example

The following example is not a working one but should be enough to understand how you should implement your postback in your website.

  $secret = ""; // Get your secret key from Offerwall PRO

  // Proceess only requests from Offerwall PRO IP addresses
  $allowed_ips = array(;

  if(!in_array($IP, $allowed_ips)) 
   echo "ERROR: Invalid source";

  // Get postback variables
  $userId = isset($_REQUEST['subId']) ? $_REQUEST['subId'] : null;
  $transId = isset($_REQUEST['transId']) ? $_REQUEST['transId'] : null;
  $reward = isset($_REQUEST['reward']) ? $_REQUEST['reward'] : null;
  $reward_name = isset($_REQUEST['reward_name']) ? $_REQUEST['reward_name'] : null;
  $payout = isset($_REQUEST['payout']) ? $_REQUEST['payout'] : null;
  $ipuser = isset($_REQUEST['userIp']) ? $_REQUEST['userIp'] : "";
  $country = isset($_REQUEST['country']) ? $_REQUEST['country'] : null;
  $status = isset($_REQUEST['status']) ? $_REQUEST['status'] : null;
  $debug = isset($_REQUEST['debug']) ? $_REQUEST['debug'] : null;
  $signature = isset($_REQUEST['signature']) ? $_REQUEST['signature'] : null;

  // Validate signature
  if(md5($userId.$transId.$reward.$secret) != $signature)
    echo "ERROR: Signature doesn't match";

  // Add or substract the reward
  if($status == 2)
    //  2 = Chargeback, substract reward from user
    $reward = -abs($reward);

   // Check if the transaction is new, use $transId to valiate it
    // Transaction is new, reward your user
    processTransaction($userId, $reward, $transId);
    // This transaction already exist

  echo "ok"; // Important!