Notifications
The easiest way to get notifications about transfers is to activate email notifications under your YooMoney wallet. We’ll send an email to the address linked to your wallet.
If you want to get instant notifications about transfers and identify every transfer immediately, activate HTTP notifications. The service will send the information about the amount, and value of the label field.

You can get HTTP notifications only to one server address. If you have multiple websites and different forms via which you accept money to the same YooMoney wallet, you need to set up parsing for the label field. For instance: label=XXyyyyyy, where ХХ stands for store’s ID and уууууу stands for transaction number.

HTTP notifications
A notification is sent upon receiving a transfer from a wallet or bank card.
Request format
A notification is sent as an HTTP request to the address specified in the wallet settings in the following format:
  • method: POST;
  • every parameter of the notification is specified as a “key=value” pair as a parameter of the POST request;
  • MIME type: application/x-www-form-urlencoded;
  • character encoding: UTF‑8.
Receiving notifications
YooMoney makes three attempts to deliver a notification: immediately after the transfer, in 10 minutes, and in one hour.
If notifications aren’t working, check the settings: check if your server is up (using the Test button) and whether its address is entered correctly. In this case, a record of the incoming transfer is saved in the wallet history (when sending test notifications, the record isn’t saved in the history).
Notification parameters
ParameterTypeDescription
notification_type
string
p2p-incoming for transfers from wallets.
card-incoming for transfers from any bank card.
operation_idstringOperation identifier in your wallet history.
amountamountAmount to be debited to your wallet.
withdraw_amountamountAmount transferred by the sender and debited from their wallet or card balance.
currencystringCurrency code is always 643 (Russian ruble according to ISO 4217).
datetimedatetimeDate and time of the transfer.
sender
string
Sender’s wallet for transfers from wallets.
For transfers from any bank card, the parameter contains an empty string.
codeprobooleanIndicates whether the transfer is protected with a security code. It’s no longer possible to make transfers with security codes via YooMoney, so the parameter always has the false value.
labelstringPayment label. If the label is not present, the parameter contains an empty string.
sha1_hashstringSHA-1 hash of notification parameters.
unacceptedbooleanThe transfer is not credited yet. The recipient needs to free up some space in the wallet.
Response format
A notification is considered accepted if the recipient transmitted the HTTP 200 OK code in the response.
Verification of authenticity and integrity of the notification
One of the notification parameters, sha1_hash, includes the value of the SHA-1 hashing function resulted from reduction of notification parameters jointly with the secret word.

The secret word for verifying notifications is used as secret information shared between YooMoney and the app developer. This guarantees the notification cannot be forged. You can get the secret word in the HTTP notifications settings of your wallet.

Always check sha1_hash value. You need to do it to make sure of the following:
  • integrity of the notification details hasn’t been compromised;
  • YooMoney is the sender.
To verify the notification integrity and authenticity, calculate the hash according to the algorithm stated above. Compare the details you received with the value of sha1_hash in the notification.
Calculating hash
Step 1. Create a string of notification parameters in UTF‑8 encoding (where notification_secret is a secret word for verifying notifications).
String format
notification_type&operation_id&amount&currency&datetime&sender&codepro&notification_secret&label
Sample of the parameter string
p2p-incoming&1234567&300.00&643&2011-07-01T09:00:00.000+04:00&41001XXXXXXXX&false&01234567890ABCDEF01234567890&
Sample of the parameter string with the payment mark
p2p-incoming&1234567&300.00&643&2011-07-01T09:00:00.000+04:00&41001XXXXXXXX&false&01234567890ABCDEF01234567890&YM.label.12345
Step 2. Calculate the SHA-1 hashing function value of the received string.
Step 3. Convert the result to HEX-coded format.
Sample of the calculated value of the parameter sha1_hash: 090a8e7ebb6982a7ad76f4c0f0fa5665d741aafa
Notification examples
Notification about a transfer from a card
operation_id = 441361714955017004
notification_type = card-incoming
datetime = 2013-12-26T08:28:34Z
sha1_hash = ac13833bd6ba9eff1fa9e4bed76f3d6ebb57f6c0
sender =
codepro = false
currency = 643
amount = 98.00
withdraw_amount = 100.00
label = ML23045
See also
HTTP notifications settings Notifications via email and text messages