Requirements

The Tango API empowers you to effortlessly configure and subscribe to various events occurring within your platform. By subscribing to these webhook events, our system takes the initiative to inform yours whenever the subscribed event transpires. As an illustration, consider the webhook notification, which promptly notifies you when a catalog item experiences changes in availability or when the status of an account changes from active to inactive or frozen, for example.

Additionally, Tango will offer a range of other webhook events to cater to your specific needs. These include future notifications when a customer redeems a Choice Product, when your account balance approaches a low threshold, or when an ACH deposit becomes accessible.

What you need?

You need the following requirements to start:

• Tango account—If you have a Tango account already, learn how to Sign in to Tango portal. If you are new to Tango, Sign up here or see our document on how to Sign up for a free Tango account.
• Tango API keys—You can get your API keys by logging in to the Tango portal. See Find and manage API keys in Tango.
• Access to Tango test and production API:
  • Sandbox URI: https://integration-api.tangocard.com/raas/v2
  • Production URI: https://api.tangocard.com/raas/v2

Security and authentication

Before you commence, take into account the following aspects to bolster the security of your system:

• Authenticate Tango Webhook APIs: Implement Basic authentication to ensure that only authorized entities can access Tango webhook APIs.
• Provide your Tango signing certificate (public key): Include your Tango signing certificate (public key) as part of the create webhook subscription payload.
• Verify your events with your private key: During the webhook's creation, your supplied signing certificate (public key) is vital as Tango employs the signing certificate (public key) to sign events, providing a verifiable signature that confirms the origin of calls from Tango.
• Allowlist Tango IP addresses: To enhance security further, Tango provides a set of specific IP addresses that should be allowlisted within your systems. This step ensures that only requests originating from these trusted IP addresses are accepted, adding an additional layer of protection to your webhook integration.

Notifications coming from the following IP addresses with validated signatures must be accepted:

By diligently addressing these security measures, you can fortify the integrity and reliability of your Tango webhook integration, safeguarding your system from potential threats and unauthorized access.