Wallet API

Playing a Game Round

Integration Overview

A key component of integrating with the Bet Brothers' platform is the WALLET_ENDPOINT. At the outset, the Operator must provide this endpoint, which acts as the crucial link between their system and Bet Brothers. This connection enables the efficient transfer of wallet-related data, such as balance and transaction details, ensuring a seamless gaming experience for players. Additional steps may vary based on specific requirements.

Game Round Communication

During game rounds, the Operator and Bet Brothers communicate through an API, employing a REST interface for smooth gameplay. Data is exchanged via POST requests formatted in JSON. Each API call includes necessary parameters in the request body to specify the intended action.

Request Signing with HMAC-SHA256

To ensure the integrity and authenticity of each API request, we use a request signing mechanism. This involves calculating a request signature using the HMAC-SHA256 algorithm. The request body is used as the message, and a platform-provided password serves as the key.

Here's a PHP example demonstrating how to generate and include the request signature:

Generate the Signature: Use HMAC-SHA256 to calculate the signature using the request body and the password.
Include the Signature: Add the generated signature to the "X-REQUEST-SIGN" header of the HTTP request.

This process helps secure the communication by verifying the source and ensuring the data hasn't been tampered with.

Here's a PHP example demonstrating how to calculate and include the request signature:

   $data = '{
          "player_id": 6,
          "reference": "Monkey",
          "currency_code": "EUR",
          "action": "balance",
          "is_mobile": false,
          "session_token": "session_token_here"
        }';

    $password = 'password';

    $hash = hash_hmac('sha256', $data, $password);

    Http::withHeaders([
        'Content-Type'   => 'application/json',
        'X-REQUEST-SIGN' => $hash,
    ])->post($uri, $data;

$data refers to the JSON payload of the API request. $password is the secret key provided by the platform. $hash is the HMAC-SHA256 signature of the request, calculated using the hash_hmac function with SHA-256. The request body ($data) serves as the message, and the secret key ($password) acts as the key.

The generated signature is included in the "X-REQUEST-SIGN" header of the HTTP request. This method ensures each API request is securely signed and can be verified on the server side to confirm its authenticity

PreviousLaunch game in Real Mode NextBalance

Last updated 12 days ago

$data = '{ "player_id": 6, "reference": "Monkey", "currency_code": "EUR", "action": "balance", "is_mobile": false, "session_token": "session_token_here" }'; $password = 'password'; $hash = hash_hmac('sha256', $data, $password); Http::withHeaders([ 'Content-Type' => 'application/json', 'X-REQUEST-SIGN' => $hash, ])->post($uri, $data;