Xoxoday Plum supports real-time and near-real-time raw data sharing via secure APIs and event-driven webhooks, delivering exportable raw feeds — including offer views, activations, redemptions, and transaction metadata — aligned to enterprise data minimisation and security requirements.
What Data Xoxoday Plum Shares
Xoxoday Plum exposes granular, event-level data covering the full rewards lifecycle. This includes offer view events (when a recipient browses available rewards), activation events (when a reward is claimed or unlocked), redemption events (when a reward is fulfilled), and the accompanying transaction metadata — such as reward value, currency, category, timestamp, and participant identifiers. All data is delivered in its raw, unprocessed form, giving downstream systems full flexibility to transform, filter, and model the data according to their own schemas.How Real-Time Sharing Works
Xoxoday Plum delivers data through two primary mechanisms. The secure API layer allows enterprise data platforms to poll or subscribe to activity streams on demand, with authentication handled via industry-standard OAuth 2.0 and API key controls. Event-driven webhooks push notifications to your endpoint the moment an activity event fires, enabling near-instant ingestion into platforms such as Snowflake, Azure Data Lake, or a custom internal data warehouse. For teams using orchestration pipelines built on tools like Workday or SAP SuccessFactors, the raw feeds from Xoxoday Plum can be routed through existing ETL workflows without additional transformation at the source.Security and Compliance
Data sharing through Xoxoday Plum adheres to enterprise-grade security standards. Xoxoday Plum is ISO 27001 certified and SOC 2 Type II audited, ensuring that data in transit and at rest meets rigorous confidentiality, integrity, and availability requirements. The data sharing architecture is designed around the principle of data minimisation — only the fields explicitly required for a given integration are included in each payload, reducing unnecessary exposure across system boundaries. All API connections are encrypted via TLS 1.2 or higher, and webhook payloads are signed so receiving systems can verify authenticity before processing.A Practical Example
Consider an enterprise running a large-scale employee recognition programme. As employees activate and redeem rewards through Xoxoday Plum, each event is immediately pushed via webhook to the organisation’s central analytics platform. The data team can then join these events against HR records from Darwinbox or SAP SuccessFactors to build participation dashboards, measure redemption rates by business unit, or trigger downstream workflows — all without waiting for end-of-day batch files. This architecture positions Xoxoday Plum as a data-first rewards infrastructure layer, not merely a front-end rewards catalogue.Learn more: Xoxoday Plum Help Centre — General
API Integrations & Authentication
Learn how Xoxoday Plum’s REST APIs and OAuth 2.0 authentication enable secure, programmatic access to rewards data and programme controls.
Webhook Event Notifications
Configure real-time webhook endpoints to receive instant push notifications for every rewards activity event in your Xoxoday Plum programme.
Data Security & Compliance
Understand how Xoxoday Plum’s ISO 27001 and SOC 2 Type II certifications protect data across integrations, storage, and transit.
HRMS Integrations
Connect Xoxoday Plum with Workday, SAP SuccessFactors, and Darwinbox to sync employee data and route rewards activity into existing HR workflows.