Youmi ios offers order callback protocol en

跳转至: 导航搜索

Youmi iOS OfferWall Server Callback Protocol


  • This document is only for iOS platform. For Android, please check out here:Youmi Android Offerwall Server Callback Interface Protocal
  • The uniform encoding of interface: UTF-8
  • Be suited to developers who use their own server to manage currency points.
  • Once Youmi gets the feedback data from advertisers, we will report back to developers' server immediately.
  • It will need developers to offer an interface to receive data. The method for interface to receive data: GET.


  1. Developers will set up the currency points feedback address in Youmi's developer background control panel, eg:
  2. Once Youmi's server receives an effective data record, it will feedback to developers' server (with GET method) with the feedback url address which is offered by developers. Relevant parameters will be will plus to the url address as below.


Parameter Full Name Parameter Name Type Description
Order ID order Character String(16 bytes) Order ID: This value is unique. If developer receives the same order ID, that means the order is already existed.
App ID app Character String(16 bytes) The Application ID
Ad Name ad Advertisement Name(50 bytes) The advertisement name. If the ad type is app, then the ad name is the application's name
Ad Identify adid Advertisement Number(Integer) ID of Advertisement
User ID user Character String ID of user: User can set up his own ID, or set it as reserved callback field.
Device ID device Character String Device ID: MAC address for iOS. If don't have MAC address, then use Advertising Identifier(IDFA). ""
Channel chn Integer Channel number, it will be 0 for iOS
Price price Float The revenue that developers earn
Points points Integer The currency points that users earn
Order Create Time time Integer The time when Youmi create the order
Sig sig Character String(8 Bytes) Reserved field(insignificant)
Sign sign Character String(36 Bytes) Signature


  • All parameters in this protocol will be encoded in UTF-9.
  • $dev_server_secret: The secret key from developers' server, offered by Youmi. Enter this page "" after logging, find the rewarded ads callback method setting-server callback setting, and set up the server address. After successfully setting, a secret key will be assigned to your app.
    , you can inquire the key in the developers back end control panel.
  • Some fields might contain special characters, please use urldecode when receiving request.

Signature Algorithm

Use all parameters in 【Parameters】 list (except "sign") as key, then get the MD5 value with the key.
Supposed the parameters participate in signature are "k1", "k2" and "k3", their value are "v1", "v2" and "v3", then the computing method is:

  • Build the pair form of "key=value" with the parameters. For example, "k1=v1", "k2=v2", "k3=v3".
  • Sort the pair of key and value with ascending lexicographical order and connect them together, like this "k1=v1k2=v2k3=v3".
  • Add dev_server_secret in the end of the connected character string.
  • The signature value is the MD5 value of the above character string.


  • Don't include the sign(signature) parameters when calculating the signature
  • The parameters in signature procedure have not been processed by urlencode.
like this: sign = md5("ad={$ad}adid={$adid}app={$app}chn={$chn}device={$device}order={$order}points={$points}price={$price}sig={$sig}time={$time}user={$user}{$dev_server_secret}");


Original URL:

After calculate:

Final URL:

Implement in PHP:

 $url = '';
 $dev_server_secret = '1234567890';
 $url .= '&sign=' . getUrlSignature($url, $dev_server_secret);
 echo $url, "\n"; 
 function getUrlSignature($url, $secret){
   $params = array();
   $url_parse = parse_url($url);
   if (isset($url_parse['query'])){
     $query_arr = explode('&', $url_parse['query']);
     if (!empty($query_arr)){
       foreach($query_arr as $p){
         if (strpos($p, '=') !== false){
           list($k, $v) = explode('=', $p);
           $params[$k] = urldecode($v);
   return getSignature($params, $secret);
 function getSignature($params, $secret){
   $str = '';
   foreach ($params as $k => $v) {
     $str .= "{$k}={$v}";
   $str .= $secret;
   return md5($str);

Implement in Java:

public class YoumiSign {
  public static void main(String[] args) {
    HashMap<String, String> ps = new HashMap<String, String>();
    ps.put("order", "abcdef0123456789");
      String sign=getSignature(ps,"xxxxx");
    }catch (Throwable e){
      //TODO Handle Throwable
   * Signature Generation Algorithm
   * @param HashMap<String,String> params - The parameters set, all parameters must be converted to character string type
   * @param String dev_server_secret - The secret key that developers set up in Youmi back end control panel 
   * @return Signature
   * @throws IOException
  public static String getSignature(HashMap<String, String> params, String dev_server_secret) throws IOException {
    // Sort parameters in ascending lexicographical order with their names
    Map<String, String> sortedParams = new TreeMap<String, String>(params);
    Set<Map.Entry<String, String>> entrys = sortedParams.entrySet();
    // Traverse the sorted dictionary, connect the parameters with the form of "key=value"
    StringBuilder basestring = new StringBuilder();
    for (Map.Entry<String, String> param : entrys) {
    // Use MD5 to encrypt the character string
    byte[] bytes = null;
    try {
      MessageDigest md5 = MessageDigest.getInstance("MD5");
      bytes = md5.digest(basestring.toString().getBytes("UTF-8"));
    } catch (GeneralSecurityException ex) {
      throw new IOException(ex);
    // Convert the binary result export from MD5 to hexadecimal in lowercase
    StringBuilder sign = new StringBuilder();
    for (int i = 0; i < bytes.length; i++) {
      String hex = Integer.toHexString(bytes[i] & 0xFF);
      if (hex.length() == 1) {
    return sign.toString();

Verification of Signature

Statements:In the early stage of integrating advertisement SDK, developers might find it fail to pass the verification, then this verification interface will be needed to verify.
Of course, you can also contact our customer service directly. Normal verification logic will be implemented by developers themselves.

Supposed that developers receive the feedback request from Youmi is:

If the calculating signature is different with the receiving signature, you can make the below request to test:

Just replace with 
This test link will output the corresponding result.

Return Value

  1. Youmi will proceed the next operation according to the returning http status code from developers' server. The normal http status code should be 200 or 403.
  2. If the http status code is 200, that means developers already received and processed the message normally.
  3. If the http status code is 403, that means developers refuse this request, which also means middle-tier server will not repeatedly make request to developers' server.
  4. If timeout, or the http status code isn't 200 nor 403, the middle-tier server will make request to developers' server again in the next cycle.
  5. There will be delays in the next cycle request to developers' server, the delay time will respectively be: 5s, 10s, 60s, 300s, 600s, 3600s(since last request). Which means, in the worst case, Youmi will send seven requests. If all of the seven requests fail, the link will be discarded.
  6. Because of network issues or other reasons, developers' server will receive multiple records with the same order ID. In this case, developers' server need to abandon the duplicate records, and output with http status code 403. That is to say, Developers' server need to remove the duplication of receiving message.