Track conversions from any language. Every endpoint is documented with cURL, JavaScript, and Python examples.
Fire this URL from your advertiser platform when a conversion happens. {click_id} resolves via tracker_click_id → sub1 → internal UUID.
curl -X GET 'https://partners.leadmedia.in/api/public/postback?click_id={click_id}&payout={payout}¤cy=USD'await fetch(
`https://partners.leadmedia.in/api/public/postback?click_id=${clickId}&payout=${payout}¤cy=USD`
);import requests
requests.get(
"https://partners.leadmedia.in/api/public/postback",
params={"click_id": click_id, "payout": payout, "currency": "USD"},
)Drop this on your thank-you page for iframe-based conversion tracking.
<img
src="https://partners.leadmedia.in/api/public/pixel/OFFER_ID?click_id=CLICK_ID&payout=9.99"
width="1" height="1" style="display:none" alt=""
/>Every outbound webhook is signed with HMAC-SHA256 in the X-SwiftTrack-Signature header. Verify before trusting the payload.
{
"event": "conversion.approved",
"conversion_id": "d31a...",
"click_id": "8bee...",
"tracker_click_id": "D-21978919-...",
"offer_id": "b7c9...",
"aff_id": "3f21...",
"payout": 9.99,
"currency": "USD",
"created_at": "2026-07-02T12:34:56Z"
}import { createHmac, timingSafeEqual } from "crypto";
const sig = req.headers["x-swifttrack-signature"];
const expected = createHmac("sha256", SECRET)
.update(rawBody)
.digest("hex");
if (!timingSafeEqual(Buffer.from(sig), Buffer.from(expected))) {
return res.status(401).end("Invalid signature");
}