🔑Supplier Protocol API

Throughout a gaming session, various interactions take place between Supplier and The Bet Brothers platform, involving seamless data exchange facilitated by an API. This API operates as a REST interface, ensuring that data is conveyed through POST requests and organized in the JSON format. For each method call, specific parameters are passed within the request body to specify the desired action.

A key part of the integration process is the SUPPLIER_URL, which will be used for the game launcher, and the SUPPLIER_API_URL, which will be used for Free Spins, Bet Levels, and Historical Rounds.

In return, The Bet Brothers platform provides essential details including WALLET_URL, PROVIDER_ID, PROVIDER_NAME, and a PASSWORD at the initiation of the integration.

Security: Request Signing using HMAC-SHA256 Algorithm

Security is a paramount concern, and to uphold the integrity and authenticity of every API request, we employ a request signing mechanism. Each request's signature is computed using the HMAC-SHA256 algorithm, with the request body as the message and a unique password supplied by the platform serving as the encryption key. This generated signature is then included in the HTTP request's "X-REQUEST-SIGN" header.

Below, you'll find a PHP example illustrating how to calculate and incorporate the request signature:

    $data = '{
      "provider_name":"test",
      "provider_id":19,
      "game_symbol": "MadMonkey",
      "language": "en",
      "currency_code": "EUR",
      "lobby_url": "https://www.google.com",
      "is_mobile": true,
      "is_demo": true
        }';

    $password = 'password';

    $hash = hash_hmac('sha256', $data, $password);

    Http::withHeaders([
        'Content-Type'   => 'application/json',
        'X-REQUEST-SIGN' => $hash,
    ])->post($uri, $data);