When you receive an instant payment notification (IPN), you should use the relevant API call to look up the object's updated information. For example, if you received an IPN for a checkout, you would receive the checkout_id in the HTTP request POST data. You would then make the /checkout call to look up the new information for the checkout.
IPNs themselves don't include state information. The canonical source for information about the object is the relevant API call (like /checkout). We do this so that you don't have to verify the IPN itself. HTTPS/SSL verifies the identity of the server you are making API calls to, you will always know that the updated information you are receiving is correct. If we sent object information in the IPN itself, you would have to verify the authenticity of the information (via signed request or other method).
The IPN is only a notification that the state on an object has changed and you should look up the new information.
IPNs will be sent in Content-Type: application/x-www-form-urlencoded. Here is an example of a full response:
HEADERS: Host: 8ff7bfa0.ngrok.io
User-Agent: WePay API Callback Agent