Verify Click

Report the outcome of a click verification. Use this after comparing tags at checkout to report whether a hijack was detected.

Endpoint

POST https://api.linkbay.io/api/v1/merchant/verify-click

Request Body

{
  "click_id": "xyz789",
  "arrived_tag": "HIJACKER99",
  "conversion": true,
  "order_id": "ORDER-12345",
  "order_value": 99.99
}

Request Fields

Field	Type	Required	Description
`click_id`	string	Yes	The click ID from the `lb_click` URL parameter
`arrived_tag`	string	Yes	The affiliate tag that arrived in your URL
`conversion`	boolean	No	Whether a conversion (purchase) occurred
`order_id`	string	No	Your order ID for reference
`order_value`	number	No	The order value for commission calculation

Response

{
  "clickId": "xyz789",
  "expectedTag": "CREATOR123",
  "arrivedTag": "HIJACKER99",
  "isHijacked": true,
  "verdict": "Tags do not match - potential hijack detected",
  "creatorId": "abc123",
  "recorded": true
}

Response Fields

Field	Type	Description
`clickId`	string	The click identifier
`expectedTag`	string	The original creator's affiliate tag
`arrivedTag`	string	The tag that arrived in your URL
`isHijacked`	boolean	True if tags don't match
`verdict`	string	Human-readable verification result
`creatorId`	string	The original creator's Linkbay ID
`recorded`	boolean	Whether the verification was recorded for analytics

Example Usage

JavaScript/TypeScript

// At checkout, verify and report the click
async function verifyAndReport(clickId, arrivedTag, orderDetails) {
  const response = await fetch(
    'https://api.linkbay.io/api/v1/merchant/verify-click',
    {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        'X-API-Key': process.env.LINKBAY_API_KEY,
      },
      body: JSON.stringify({
        click_id: clickId,
        arrived_tag: arrivedTag,
        conversion: true,
        order_id: orderDetails.id,
        order_value: orderDetails.total,
      }),
    }
  );

  const result = await response.json();

  if (result.isHijacked) {
    // Use result.expectedTag for commission attribution
    console.log(`Hijack detected! Crediting ${result.expectedTag} instead of ${arrivedTag}`);
  }

  return result;
}

cURL

curl -X POST "https://api.linkbay.io/api/v1/merchant/verify-click" \
  -H "Content-Type: application/json" \
  -H "X-API-Key: YOUR_API_KEY" \
  -d '{
    "click_id": "xyz789",
    "arrived_tag": "HIJACKER99",
    "conversion": true,
    "order_value": 99.99
  }'

Best Practices

Call this endpoint at checkout after comparing tags to build a complete picture of hijacking attempts.
Always credit the expectedTag creator, not the arrivedTag when a hijack is detected.
Include order details to help creators track their actual earnings.
This data helps identify hijacking patterns and bad actors.