We do provide a server to server callback. You can specify the endpoint you want us to notify with that callback after the completion of a rewarded video for each app in the Manage Apps section. Our server to server callback has a slightly different implementation than other providers and here are the important differences:
1. Our server to server callback never goes through the user's phone. After our SDK notifies us that the rewarded video has been fully watched and all other client side processes have been completed, our SDK notifies our server and our server then goes directly to the endpoint you specify. This means that the user can not hack callback to fraudulently rewarded themselves so long as you use a unique endpoint in the Manage Apps section.
2. You can specify which variables (like currency type/amount, user device IDs, etc.) you'd like to receive in the server to server callback. These are listed in the Manage Apps section also.
3. You can check that these requests come from AppLovin by taking advantage of your Event Key. You can include {EVENT_ID} (a unique transaction ID) and {EVENT_KEY} as values in your callback. The value that will be replaced by the {EVENT_KEY} macro is calculated using a SHA1 hash of the Event ID and Event Key:
sha1( [The Event ID] +[Your Event Key])
For example, if your event key is "uHXOnmfO2f3wd-syBwXxsj7m53qiJoI9VzXTvE8LOSnIWjS6zzxS8HgSIBJSbQWdS1czmgwXSWDaKwehtjyYl_" and the Event ID is "14a97273742c0c9e8864fe40193dad5506e930bc", the {EVENT_KEY} macro will populate with
3724081c17d32a66276ffff2a14b124a278934e9
which is calculated by sha1(14a97273742c0c9e8864fe40193dad5506e930bcuHXOnmfO2f3wd-syBwXxsj7m53qiJoI9VzXTvE8LOSnIWjS6zzxS8HgSIBJSbQWdS1czmgwXSWDaKwehtjyYl_)
You can find your Event Key in the Rewarded Video section of any app in Manage Apps (the key is the same for your entire account). If you don't have a key, please open a support ticket at our Developer Support portal to generate one.