Making a callback cache for doing API callbacks is quite straight forward, if you where doing for this say a telecommunication company that had to notify many nearly there whole assumed customer base of functions happening on a phone say when an SMS was received by the network, then another call back for when the SMS or MMS was received on the device then this combined with call and duration and all the other stuff most people don’t get to use cause of limitation in the devices we use then this is how you make a workable callback cache.
See most people believe as a programmer that a call back is done at the point of contact for the notification this is not the cache, what it would do at this point is make a checksum cache file say fkjdsf8h934yt89h48h834h3.json for that call back; in a path structure like so ie. /function/callback-base-domain/callback-subdomains/client-username/kjdsf8h934yt89h48h834h3.json
You would then have a function which scoops say 200 of these every 4 minutes, as the curl timeout could be and best set for upto 360 seconds in response and connection timeout; if it fails say 7 times in the path of /function/callback-base-domain/callback-subdomains/client-username/ and you have a little json file in there that tracks the call fail and success rate, then you make another json file which the scoop search for like sandboxed.json and this just contains the timeout when it is unsandboxed and if the scoop finding this just drops the sandbox, if it say get sandboxed over 7 days you make that call back offline for near complete fail rates; otherwise 3/4 days in you send a warning notice.
See these systems are only maintained by programmers and generally ones of a resounding caliber or they will be websites where you put in your username and api key for the REST API. You need to make a system also for these website where someone can with either a TXT or temporary cname for a lookup to versify or even simple html or file verification, where they can put a callback when they are offering 3rd party services from your API which does happen where they get basic user information, like has credit (true/false) disconnect just as a few true false and the username without any API Key information, they can use this when they have it to query lesser sensitive information.
This sort of callback on the API is easily manageable you can have say 50 calls to the php with crontab with variables to specify on the cURL header information how many and what they do which all vary from every 1 minute to ever 9 minutes called with different quantities and thresholds; you would be able to make it also start up with a session handler more crons as they are required just by using the callback api file cache size in the writing and unlinking of these files which are not required to be stored after their system they are only a system typal of the moment, you have all that in the database anyway.
As long as you report the timezone and the time of the action, it is okey if you present the callback in delay of the function on the network; this is how any honed programmer would assume it would be under basis of anyway!!!