🔑Supplier Protocol API

Throughout a gaming session, various interactions take place between Supplier and The Bet Brothers platform, involving seamless data exchange facilitated by an API. This API operates as a REST interface, ensuring that data is conveyed through POST requests and organized in the JSON format. For each method call, specific parameters are passed within the request body to specify the desired action.

A pivotal component of this process is the SUPPLIER_URL, which the Supplier is responsible for furnishing at the integration's outset. In return, The Bet Brothers platform provides essential details including WALLET_URL, PROVIDER_ID, PROVIDER_NAME, and a PASSWORD at the initiation of the integration.

Security: Request Signing using HMAC-SHA256 Algorithm

Security is a paramount concern, and to uphold the integrity and authenticity of every API request, we employ a request signing mechanism. Each request's signature is computed using the HMAC-SHA256 algorithm, with the request body as the message and a unique password supplied by the platform serving as the encryption key. This generated signature is then included in the HTTP request's "X-REQUEST-SIGN" header.

Below, you'll find a PHP example illustrating how to calculate and incorporate the request signature:

    $data = '{
      "provider_name":"test",
      "provider_id":19,
      "game_symbol": "MadMonkey",
      "language": "en",
      "currency_code": "EUR",
      "lobby_url": "https://www.google.com",
      "is_mobile": true,
      "is_demo": true
        }';

    $password = 'password';

    $hash = hash_hmac('sha256', $data, $password);

    Http::withHeaders([
        'Content-Type'   => 'application/json',
        'X-REQUEST-SIGN' => $hash,
    ])->post($uri, $data);