Custom API setup

Custom API integration (recommended for engineering teams)

Post conversions from your backend for maximum reliability: retries, idempotency, and complete auditability.

Open dashboard

Step 1 - Store your secret securely

You’ll use the Discount Capture Secret to authenticate conversion posts. Keep it in server-side env vars only.

Use Vercel / Supabase environment variables (never client-side).
Rotate it if it’s ever exposed.
Prefer a single integration service account for posting conversions.

Supported headers: x-pepf-discount-secret or x-referlabs-discount-secret.

Step 2 - Post conversions server-to-server

When a transaction is confirmed (paid/complete), call the discount capture endpoint from your backend.

HTTP request

POST https://referlabs.com.au/api/discount-codes/redeem
Headers:
  Content-Type: application/json
  x-pepf-discount-secret: <YOUR_SECRET>
Body:
{
  "discountCode": "VIP100",
  "orderReference": "ORDER-12345",
  "amount": "199.00",
  "metadata": {
    "platform": "custom_api",
    "customerEmail": "buyer@example.com"
  }
}

Use the real discount code used in the transaction. This is what drives correct ambassador attribution.

Reliability checklist

Idempotency: send the same orderReference on retries.
Retries: retry 5xx and network failures with backoff.
Logging: log request id, order id, discount code, and response status for audits.

If you need a quick no-code option, use Zapier or Make.

Common troubleshooting

401 responses: secret header missing/wrong.
No attribution: discount code posted doesn’t match the code used at checkout.
Not appearing in dashboard: check the Journey timeline and then run /status.

Testing checkpoints (do these in order)

Create a test ambassador, copy their discount code.
Run a test transaction that uses that discount code (or simulate one in your backend).
POST to /api/discount-codes/redeem from your server and confirm a 200 response.
Confirm the conversion appears in the dashboard and attributes to the correct ambassador.