Client Documentation

Chapter 1

Intro

In this section we will determine all the required steps for setting up the integration.

Configuration

Before we can start an integration, we will need to set up an environment. Environment is set per casino, please contact our project manager for more information.

For testing purposes, we have staging environments, which you can test with. Staging environments emulate production, please note that this environments might contain newer features which are not on prod yet.

Requirements

Before we can start the integration, make sure you have in hand the following configuration:

Casino set up and configured.
Gateway endpoint, all the calls will go through gateway, so you will have to have it in hand.
Casino ID,also known as brand id, this is the unique identifier for the casino.

If you are using staging environment, gateway URL and casino ID will be provided.

Content

For all the APIs available the following parameters will mean the same:

brand_id (Integer) - unique casino identifier, this will direct all the requests to the relevant tenant.
version (String) - API version, some APIs supporting multiple versions, those who do, an example will be displayed with the relevant version, please use recent versions of each, as older versions will be deprecated and removed.
x-auth-token (String) - login session for the player, after login, a token is returned, this token will be used for verification and retrieving player related resources.

Site Management

Site Configuration

In this section, we will explain about the configuration for the site. Starting from internationalization (I18N), handling message formats and displaying lobby.

Lobby API

This method returns a list of games to display in the lobby. The list of games might vary depending on whether or not the player is logged in (x-auth-token). The list might also vary by the type of platform and marketing segment. use gateway.[msdomain]. If user is logged in, games will be filtered out by the user’s country, both current logged in country and registration country.

Request (GET)

`/gateway/site-management/{version}/lobby/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	false	player logged in session.

Response

Status 200

{
  "structure": [
    {
      "name": "mobile.gameCategory.featuredGames",
      "category_id": "featured-games",
      "games": [
        "80879",
        "80836"
      ]
    },
    {
      "name": "mobile.gameCategory.slots",
      "category_id": "slots",
      "games": [
        "70147",
        "70071",
        "181053",
        "70007",
        "1193"
      ]
    },
    {
      "name": "mobile.gameCategory.tableGames",
      "category_id": "table-games",
      "games": [
        "181025",
        "181055",
        "120008"
      ]
    },
    {
      "name": "mobile.gameCategory.scratchCards",
      "category_id": "scratch-card",
      "games": [
        "70140",
        "70132",
        "70130"
      ]
    },
    {
      "name": "mobile.gameCategory.other",
      "category_id": "virtualgames",
      "games": [
        "181011",
        "182013"
      ]
    },
    {
      "name": "mobile.gameCategory.hiddenTab",
      "category_id": "hiddenTab",
      "games": [
        "181011",
        "182013"
      ]
    }
  ],
  "games": [
    {
      "id": "181025",
      "spec": {
        "provider_name": "Groove",
        "sub_provider_name": "Groove_QMG",
        "name": "European Roulette",
        "image_url": "[PROMO_URL]/lobby_images/nyx/1x2-gaming/european-roulette.png",
        "fun_real": "BOTH"
      }
    },
    {
      "id": "70132",
      "spec": {
        "provider_name": "Groove",
        "sub_provider_name": "Groove_QMG",
        "name": "Pixie Gold",
        "image_url": "[PROMO_URL]/lobby_images/nyx/lightningbox/pixie-gold.png",
        "fun_real": "BOTH"
      }
    }
  ]
}

Status 500

{
  "errMsg": "internal_error"
}

Response Parameters:

Name	Type	Description
structure.name	string	game category tag.
structure.category_id	string	game category name.
structure.games	array	list of game ids under the category.
games.id	string	game id unique identifier.
games.spec.name	string	game name.
games.spec.image_url	string	game logo.
games.spec.fun_real	string	indication if game supports fun play mode, options are: ‘REAL’/ ‘BOTH’.
games.spec.provider_name	string	the provider which game comes from.
games.spec.sub_provider_name	string	actual vendor game is be launched from.

internationalization (i18n)

This method retrieves the i18n tags that are used for application localization and internationalization.

Request (GET)

`/gateway/i18n/{version}/tags/{brand_id}/{language}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
language	path	string	true	The language tags should be fetched in.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.

Response

Status 200

{
  "bo.currency.CAD": "CAD - Kanadisches Pfund",
  "bo.currency.AUD": "AUD - Australischer Dollar",
  "bo.currency.EUR": "EUR - Euro"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "errMsg": "internal server error"
}

Response Parameters:

Response will contain json object with all the available tags in the system for the given language.

TnC And Privacy Policy

This method retrieves the text of your Terms and Conditions (T&C) and Privacy policy in the language that you specify. You use this method to populate your T&C page with your T&C content when a user visits it. use gateway.[msdomain]

Request (GET)

`/gateway/tnc/{version}/document/revision/lastPublished/{brand_id}/{language}/{type}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
language	path	string	true	The language get data for.
type	path	string	true	The type of request (tnc/privacy are the only options).
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.

Response

Status 200

{
  "language": "en",
  "prompt": "1",
  "version": "26.1.1",
  "body": "this is the tnc version of brand please read all sections carefully"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
language	language of given doc.
prompt	an indication if player will get notified if new version of doc is available.
version	current version of doc.
body	doc content.

Countries

This method retrieves a list of countries that includes the country name, telephone code, and short country name in ISO3166-1 alpha2 and ISO3166-1 alpha3 formats. use gateway.[msdomain]

Please note, there is different response between versions, old version is deprecated and will be removed soon.

Request (GET)

`/gateway/site-management/{version}/{brand_id}/countries`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.

Response

Status 200 (if version below 1.29.15)

    [
  {
    "name": "Israel",
    "alfa2": "IL",
    "alfa3": "ISR",
    "phoneCode": "972"
  }
]

Status 200 (version 1.29.15 and above)

    {
  "country_list": [
    {
      "name": "Israel",
      "alfa2": "IL",
      "alfa3": "ISR",
      "phoneCode": "972"
    }
  ],
  "current_country": "IL"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
current_country	ISO2 country code, will be taken from X-Forwarded-For header.
country_list.name	Country full name.
country_list.alfa2	Country ISO2 representation.
country_list.alfa3	Country ISO3 representation.
country_list.phoneCode	Country phone prefix.

Message Format

This method returns a lightbox format pop-up structure that you can use to format a message for the player.

If a server returns an error or informative message in addition to a standard HTTP code, it is represented as a formalized string tag. The client application can then use this method to format this string tag as a user-friendly message.

The available message formats that you can use with this method are returned in the responses to several other calls, including the following ones:

Create New Withdrawal Cancel Pending Withdrawal Check Withdrawal Requirements use gateway.[msdomain]

Request (GET)

`/gateway/site-management/{version}/content/message/format/{message_string}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
message_string	path	string	true	The message format that you want to use.
brand_id	query	int	false	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.

Response

Status 200

{
  "type": "Alert",
  "title": "mobile.page.registration.headerStep1",
  "content": "mobile.page.registration.fields.login.validators.userExists",
  "button_1_text": "mobile.button.ok"
}

Status 400

{
  "errMsg": "Message Not Found according to your search"
}

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "errMsg": "internal server error"
}

Response Parameters:

Name	Type	Description
type	string	The type of the message.
title	string	The title to display for the message.
content	string	The content to display for the message.
button_X_text	string	where X will be incrementing number of buttons.

Player Management

Player Management Endpoints

This section will display all player endpoints.

Admission

Admission Endpoints

This section will display all available endpoints to get admission data (Registration / Login).

Registration Step One

This method creates an account for a player. The account is temporary and incomplete. If the player logs in to an incomplete account, they are automatically redirected to Registration Step two to complete their registration. use gateway.[msdomain] Parameter signOptOut required only for Malta or UK regulated brands

Request (POST)

`/gateway/reg-step-one/{version}/{brand_id}`

{
  "loginName": "string",
  "email": "string",
  "password": "stringst",
  "over18": true,
  "signTNC": true,
  "signOptOut": true,
  "language": "en",
  "btag": "string",
  "bonusCode": "string",
  "currency": "EUR",
  "aff_extra_param": "string"
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
loginName	body	string	true	Player user name to login with, user will be considered as test account if it has ‘qqtst_’ prefix.
email	body	string	true	Player personal email.
password	body	string	true	Player password to login with.
over18	body	boolean	true	Player confirmation he is over 18.
signTNC	body	boolean	true	Player confirmation he has read and accept TnC and Privacy policy.
signOptOut	body	boolean	false	Player notification if he does not want any notification via: chat/sms/chat.
language	body	string	true	Player chosen language, this will be the language player receives mails in.
btag	body	string	true	Affiliation system reference.
bonusCode	body	string	false	Promotion code which will determine bonuses to give.
currency	body	string	true	Player currency to use in site.

Response

Status 200 The response to a successful result contains an OK string with the auth_token that you need to use in the * Register Player - Step 2* call.

{
  "auth_token": "32fc6f4e-6a54-4807-8988-9911cb2aff92",
  "result": "OK",
  "player_id": 123
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "authToken": "null",
  "result": [
    {
      "field": "null",
      "errorCode": "Internal_server_error"
    }
  ]
}

The bonus code provided doesn’t exist in the system.

{
  "field": "bonusCode",
  "errorCode": "invalid_bonus_code"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

When a 422 validation error occurs, the response returns an array of one or more error codes detailing the fields that have validation errors. Multiple error messages are issued in the same validation form. The site should handle these validation errors and present a validation message to the player.

This will not call the message format.

The following table explains validation code behavior:

Field	Error Code	Description
loginName	login_required	A login name is required.
loginName	login_already_exists	A user with this name already exists.
loginName	login_not_enough_char	The user name must contain at least 6 characters.
loginName	login_long	the login name must not exceed 15 characters.
loginName	login_invalid_char
email	email_required	An email address is required.
email	email_syntax_error	The email syntax is wrong. Format is aaa@bbb.ccc.
email	email_fraud	The mail domain will be checked against a fraud list (test players qqtst_ will not be checked).
email	email_already_exists	Email already exists.
password	password_short	The password is too short. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_long	Password cannot exceed 15 characters.
password	password_match_user_name	Password must be different from the email and username.
password	password_same_letters	Password has too many repeating characters. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_mix_characters	The password must have a combination of letters and digits.
bonusCode	invalid_bonus_code	The bonus code doesn’t exist in the system.
over18	over_18	The user didn’t mark the “over 18” field and/or sign the T&C.
currency	currency_unknown	The currency provided is unknown.
genericError	generic_error	The language provided is invalid.

{
  "auth_token": null,
  "result": [
    {
      "field": "loginName",
      "errorCode": "login_already_exists"
    },
    {
      "field": "email",
      "errorCode": "email_already_exists"
    },
    {
      "field": "currency",
      "errorCode": "currency_unknown"
    }
  ]
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
auth_token	UUID to be used when sending registration step two request.
player_id	unique id for the generated player.

Registration Step Two

This method completes the user registration process and makes the player’s account permanent.use gateway.[msdomain]

Request (POST)

`/gateway/reg-step-two/{version}/{brand_id}`

{
  "auth_token": "9deda661-7e8d",
  "firstName": "Firstname",
  "lastName": "Lastname",
  "birthDate": "01/01/1990",
  "gender": "M",
  "language": "en",
  "country": "HU",
  "city": "City",
  "address": "st. Somestreet, 10",
  "zipCode": "12345",
  "mobileNumber": "39-34535345",
  "uuid": "102d7d3834f4694ef00662"
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
auth_token	body	string	true	Token received from step one result OR token received during login with incomplete registration status.
firstName	body	string	true	Player first name.
lastName	body	string	true	Player last name.
birthdate	body	boolean	true	Player date of birth, should be in format of: DD/MM/YYYY.
language	body	boolean	true	Language to use on site.
country	body	boolean	true	Player country.
city	body	string	true	Player city.
address	body	string	true	Player address.
zipCode	body	string	true	Player address zip postal code.
mobileNumber	body	string	true	Player mobile number, should contain country code prefix + number (XX-YYYYYY).
uuid	body	string	true	TMX validation param.

Response

Status 200 The response to a successful.

{
  "message": "",
  "result": "OK",
  "auth_token": "null",
  "authToken": "null"
}

Status 400

{
  "message": "malformed_request",
  "result": "malformed_request",
  "auth_token": "null",
  "authToken": "null"
}

Status 401.

{
  "message": "",
  "result": "malformed_token",
  "auth_token": "null",
  "authToken": "null"
}

Status 400.

{
  "result": "general_error"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Error Code	Description
firstName	first_name_invalid	Invalid characters in first name. This field accepts only letters and numbers.
lastName	last_name_invalid	Invalid characters in last name. This field accepts only letters and numbers.
birthDate	birth_date_required	Birth date empty.
birthDate	birth_date_invalid	Birth date is not valid (31.2).
birthDate	birth_date_over18	Player must be over 18.
gender	gender_required	Gender field empty.
language	language_required	Invalid language.
country	country_required	Country field empty.
address	address_invalid	Address format not valid.
mobileNumber	mobile_required	User didn’t provide a mobile number.
mobileNumber	mobile_invalid	Mobile number contains invalid characters.

{
  "message": "",
  "result": [
    {
      "field": "firstName",
      "errorCode": "first_name_invalid",
      "result": "",
      "status": "422"
    }
  ],
  "auth_token": "null",
  "authToken": "null"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
auth_token	UUID to be used when sending registration step two requst.
player_id	unique id for the generated player.

Email and Password Registration

This method creates an player account while providing minimal information.

Request (POST)

`/gateway/email-and-pass-reg/{version}/{brand_id}`

The following call uses same but it is deprecated: /gateway/short-reg/{version}/{brand_id}

{
  "email": "string",
  "password": "stringst",
  "over18": true,
  "signTNC": true,
  "language": "en",
  "bonusCode": "string",
  "btag": "string",
  "uuid": "102d7d3834f4694ef00662"
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
email	body	string	true	Player personal email.
password	body	string	true	Player password to login with.
over18	body	boolean	true	Player confirmation he is over 18.
signTNC	body	boolean	true	Player confirmation he has read and accept TnC and Privacy policy.
language	body	string	true	Player chosen language, this will be the language player receives mails in.
btag	body	string	true	Affiliation system reference.
bonusCode	body	string	false	Promotion code which will determine bonuses to give.
currency	body	string	true	Player currency to use in site.

Response

Status 200

{
  "message": "",
  "result": "OK",
  "auth_token": "token123",
  "authToken": null,
  "player_id": 123
}

Status 400

{
  "message": "malformed_request",
  "result": "malformed_request",
  "auth_token": "null",
  "authToken": "null"
}

Status 401

{
  "message": "",
  "result": "malformed_token",
  "auth_token": "null",
  "authToken": "null"
}

The bonus code provided doesn’t exist in the system.

{
  "field": "bonusCode",
  "errorCode": "invalid_bonus_code"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Error Code	Description
loginName	login_required	A login name is required.
loginName	login_already_exists	A user with this name already exists.
loginName	login_not_enough_char	The user name must contain at least 6 characters.
loginName	login_long	the login name must not exceed 15 characters.
loginName	login_invalid_char
email	email_required	An email address is required.
email	email_syntax_error	The email syntax is wrong. Format is aaa@bbb.ccc.
email	email_fraud	The mail domain will be checked against a fraud list (test players qqtst_ will not be checked).
email	email_already_exists	Email already exists.
password	password_short	The password is too short. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_long	Password cannot exceed 15 characters.
password	password_match_user_name	Password must be different from the email and username.
password	password_same_letters	Password has too many repeating characters. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_mix_characters	The password must have a combination of letters and digits.
bonusCode	invalid_bonus_code	The bonus code doesn’t exist in the system.
over18	over_18	The user didn’t mark the “over 18” field and/or sign the T&C.
currency	currency_unknown	The currency provided is unknown.
genericError	generic_error	The language provided is invalid.

{
  "auth_token": null,
  "result": [
    {
      "field": "loginName",
      "errorCode": "login_already_exists"
    },
    {
      "field": "email",
      "errorCode": "email_already_exists"
    },
    {
      "field": "currency",
      "errorCode": "currency_unknown"
    }
  ]
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
auth_token	UUID to be used when sending registration step two requst.
player_id	unique id for the generated player.

Basic Details Registration

This method creates an player account while providing minimal information.

Request (POST)

`/gateway/basic-details-reg/{version}/{brand_id}`

The following call uses same but it is deprecated: /gateway/extended-short-reg/{version}/{brand_id}

{
  "loginName": "string",
  "password": "stringst",
  "email": "string",
  "over18": true,
  "signTNC": true,
  "language": "en",
  "currency": "EUR",
  "bonusCode": "string",
  "btag": "string",
  "uuid": "102d7d3834f4694ef00662"
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
loginName	body	string	true	Player user name to login with, user will be considered as test account if it has ‘qqtst_’ prefix.
email	body	string	true	Player personal email.
password	body	string	true	Player password to login with.
over18	body	boolean	true	Player confirmation he is over 18.
signTNC	body	boolean	true	Player confirmation he has read and accept TnC and Privacy policy.
language	body	string	true	Player chosen language, this will be the language player receives mails in.
btag	body	string	true	Affiliation system reference.
bonusCode	body	string	false	Promotion code which will determine bonuses to give.
currency	body	string	true	Player currency to use in site.

Response

Status 200

{
  "message": "",
  "result": "OK",
  "auth_token": "token123",
  "authToken": null,
  "player_id": 123
}

Status 400

{
  "message": "malformed_request",
  "result": "malformed_request",
  "auth_token": "null",
  "authToken": "null"
}

Status 401

{
  "message": "",
  "result": "malformed_token",
  "auth_token": "null",
  "authToken": "null"
}

The bonus code provided doesn’t exist in the system.

{
  "field": "bonusCode",
  "errorCode": "invalid_bonus_code"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Error Code	Description
loginName	login_required	A login name is required.
loginName	login_already_exists	A user with this name already exists.
loginName	login_not_enough_char	The user name must contain at least 6 characters.
loginName	login_long	the login name must not exceed 15 characters.
loginName	login_invalid_char
email	email_required	An email address is required.
email	email_syntax_error	The email syntax is wrong. Format is aaa@bbb.ccc.
email	email_fraud	The mail domain will be checked against a fraud list (test players qqtst_ will not be checked).
email	email_already_exists	Email already exists.
password	password_short	The password is too short. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_long	Password cannot exceed 15 characters.
password	password_match_user_name	Password must be different from the email and username.
password	password_same_letters	Password has too many repeating characters. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_mix_characters	The password must have a combination of letters and digits.
bonusCode	invalid_bonus_code	The bonus code doesn’t exist in the system.
over18	over_18	The user didn’t mark the “over 18” field and/or sign the T&C.
currency	currency_unknown	The currency provided is unknown.
genericError	generic_error	The language provided is invalid.

{
  "auth_token": null,
  "result": [
    {
      "field": "loginName",
      "errorCode": "login_already_exists"
    },
    {
      "field": "email",
      "errorCode": "email_already_exists"
    },
    {
      "field": "currency",
      "errorCode": "currency_unknown"
    }
  ]
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
auth_token	UUID to be used when sending registration step two requst.
player_id	unique id for the generated player.

This method logs in player to site, and returns a token to be used in all other methods. use gateway.[msdomain]

Request (POST)

`/gateway/login/{version}/{brand_id}/player`

{
  "user_name": "string",
  "email": "string",
  "password": "string",
  "language": "string",
  "brand_id": "string"
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
user_name	body	string	false	Player user name to login with, if not sent, email will be used.
email	body	string	false	Player personal email, if user_name is not sent, email will be used as the user name.
password	body	string	true	Player password to login with.
language	body	string	true	Player chosen language, this will be the language player receives mails in.
2fa-auth-token	header	string	false	Player 2FA Auth token that was given when the Player turned on the 2FA requirement in the account page

Response

Status 200

{
  "auth_token": "e74af034-a346-4d5c-be97-f7ed83f373a7",
  "result": "OK",
  "actions": [
    "responsible_gaming",
    "limits",
    "deposit_message",
    "self_exclusion",
    "timeout",
    " account_closure",
    "swap_limits",
    "start_game",
    "wallet",
    "login",
    "KYC"
  ],
  "documents_required": true,
  "identification_token": "214fecab65a7031b8530d4d000f3aa8b",
  "links": {
    "get_crm_token": "/gateway/crm/{version}/{brand_id}/token"
  }
}

Status 303

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

Response notes:

documents_required indicates if the player must upload KYC documents now. when true, identification_token contains a UUID (otherwise empty string).
For INCOMPLETE_REGISTRATION and EMAIL_NOT_VERIFIED it’s always false because these occur before KYC is needed; a true value for them cannot occur logically.

Example 1 — INCOMPLETE_REGISTRATION (no documents required)

{
  "token": "e74af034-a346-4d5c-be97-f7ed83f373a7",
  "result": "INCOMPLETE_REGISTRATION",
  "actions": [
    "responsible_gaming",
    "limits",
    "deposit_message",
    "self_exclusion",
    "timeout",
    "account_closure",
    "swap_limits",
    "start_game",
    "wallet",
    "login"
  ],
  "documents_required": false,
  "identification_token": ""
}

Example 2 — TNC_APPROVAL_REQUIRED (documents required)

{
  "token": "e74af034-a346-4d5c-be97-f7ed83f373a7",
  "result": "TNC_APPROVAL_REQUIRED",
  "actions": [
    "responsible_gaming",
    "limits",
    "deposit_message",
    "self_exclusion",
    "timeout",
    "account_closure",
    "swap_limits",
    "start_game",
    "wallet",
    "KYC",
    "login"
  ],
  "documents_required": true,
  "identification_token": "214fecab65a7031b8530d4d000f3aa8b"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

Error Code	Description
USER_PASSWORD_NOT_VALID	Credentials entered do not match any player in system.
EXCEEDED_MAX_LOGIN_ATTEMPTS	To many login attempts made in short period, need to wait few minutes till next try, till then, player will be considered as ‘Blocked’.
BANNED_COUNTRY	Login country is forbidden.
PLAYER_BLOCKED	Player cannot login, he is blocked.
IP_BLOCKED	IP has been black listed in system.

{
  "result": "USER_PASSWORD_NOT_VALID"
}

Status 401 (Player need to verify his mobile number)

{
  "status": "mobile_verification_required",
  "data": {
    "mobile_number": "****1234",
    "2fa_auth_token": "60a6bbc8-95a3-4b4f-8305-cb334cc975b1"
  }
}

Status 401 (Player need to verify his mobile number)

{
  "status": "sms_verification_required",
  "data": {
    "mobile_number": "****1234",
    "2fa_auth_token": "60a6bbc8-95a3-4b4f-8305-cb334cc975b1"
  }
}

Status 401 (Need to wait before sending SMS code again)

{
  "status": "LOGIN_IN_PROCESS",
  "data": {
    "description": "Please wait before sending again in 52 seconds",
    "remaining_time": 52
  }
}

Status 401 (Player is blocked due to missing KYC documents)

{
  "result": "PLAYER_BLOCKED",
  "actions": [
    "responsible_gaming",
    "limits",
    "deposit_message",
    "self_exclusion",
    "timeout",
    "account_closure",
    "swap_limits",
    "start_game",
    "wallet",
    "KYC",
    "login"
  ],
  "documents_required": true,
  "identification_token": "214fecab65a7031b8530d4d000f3aa8b"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
token	UUID which should be used as x-auth-token during player login time on each action he performs on site.
actions	List containing all regulation requirements.

Logout

This method will be used to logout player from site. use gateway.[msdomain]

Request (POST)

`/gateway/logout/{version}/{brand_id}/player`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player session to logout.

Response

Status 200

{
  "result": "successful logout"
}

Status 303

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

{
  "token": "e74af034-a346-4d5c-be97-f7ed83f373a7",
  "result": "INCOMPLETE_REGISTRATION",
  "actions": [
    "responsible_gaming",
    "limits",
    "deposit_message",
    "self_exclusion",
    "timeout",
    "account_closure",
    "swap_limits",
    "start_game",
    " wallet",
    "login"
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Keep Alive

This method extends player session in site. use gateway.[msdomain]

Request (POST)

`/gateway/login/keep-alive/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player session.

Response

Status 204

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 400

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Get Crm Token

This method gets the crm token of the player

Request (Get)

`/gateway/crm/{version}/{brand_id}/token`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	The token the player got from the Login response

Response

Status 200

{
  "status": "Success",
  "data": {
    "token": "e94187765acfe001e415107c68f6a6fd5e74b66042145fe28609787b2e881b67",
    "expire_time": "2024-08-27T16:50:16+02:00" 
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "token header is missing"
}

Status 500

{
  "result": "internal server error"
}

Test User Registration

This method creates an account for a player. The account is temporary and incomplete. If the player logs in to an incomplete account, they are automatically redirected to step 2 to complete their registration. use gateway.[msdomain] Parameter signOptOut required only for Malta or UK regulated brands

Request (POST)

`/gateway/registration-test-user/{version}/{brand_id}`

{
  "emailVerified": true,
  "withdrawalAllowedDepositAllowed": true,
  "bonusOptOut": 0,
  "userBlocked": true,
  "operator": "string",
  "stepOne": {
    "loginName": "string",
    "email": "string",
    "password": "stringst",
    "over18": true,
    "signTNC": true,
    "signOptOut": true,
    "language": "en",
    "btag": "string",
    "bonusCode": "string",
    "currency": "EUR",
    "aff_extra_param": "string"
  },
  "stepTwo": {
    "auth_token": "string",
    "firstName": "string",
    "lastName": "string",
    "birthDate": "string",
    "gender": "string",
    "language": "en",
    "country": "string",
    "city": "string",
    "address": "string",
    "zipCode": "string",
    "mobileNumber": "39-34535345",
    "uuid": "string"
  }
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
emailVerified	body	string	true	Indication if to set email as verified or not.
withdrawalAllowedDepositAllowed	body	string	true	Indication if the player can deposit/withdraw.
bonusOptOut	body	string	true	Indication if the player can accept bonuses or not.
userBlocked	body	string	true	Indication if the player will be blocked.
stepOne.loginName	body	string	true	Player chosen username for site.
stepOne.email	body	string	true	Player personal email.
stepOne.password	body	string	true	Player password to login with.
stepOne.over18	body	boolean	true	Player confirmation he is over 18.
stepOne.signTNC	body	boolean	true	Player confirmation he has read and accept TnC and Privacy policy.
stepOne.signOptOut	body	boolean	false	Player notification if he does not want any notification via: chat/sms/chat.
stepOne.language	body	string	true	Player chosen language, this will be the language player receives mails in.
stepOne.btag	body	string	true	Affiliation system reference.
stepOne.bonusCode	body	string	false	Promotion code which will determine bonuses to give.
stepOne.currency	body	string	true	Player currency to use in site.
stepTwo.firstName	body	string	true	Player first name.
stepTwo.lastName	body	string	true	Player last name.
stepTwo.birthdate	body	boolean	true	Player date of birth, should be in format of: DD/MM/YYYY.
stepTwo.language	body	boolean	true	Language to use on site.
stepTwo.country	body	boolean	true	Player country.
stepTwo.city	body	string	true	Player city.
stepTwo.address	body	string	true	Player address.
stepTwo.zipCode	body	string	true	Player address zip postal code.
stepTwo.mobileNumber	body	string	true	Player mobile number, should contain country code prefix + number (XX-YYYYYY).
stepTwo.uuid	body	string	true	TMX validation param.

Response

Status 200 The response to a successful result contains an OK string with the auth_token that you need to use in the * Register Player - Step 2* call.

{
  "auth_token": "32fc6f4e-6a54-4807-8988-9911cb2aff92",
  "result": "OK"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "authToken": "null",
  "result": [
    {
      "field": "null",
      "errorCode": "Internal_server_error"
    }
  ]
}

The bonus code provided doesn’t exist in the system.

{
  "field": "bonusCode",
  "errorCode": "invalid_bonus_code"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Error Code	Description
loginName	login_required	A login name is required.
loginName	login_already_exists	A user with this name already exists.
loginName	login_not_enough_char	The user name must contain at least 6 characters.
loginName	login_long	the login name must not exceed 15 characters.
loginName	login_invalid_char
email	email_required	An email address is required.
email	email_syntax_error	The email syntax is wrong. Format is aaa@bbb.ccc.
email	email_fraud	The mail domain will be checked against a fraud list (test players qqtst_ will not be checked).
email	email_already_exists	Email already exists.
password	password_short	The password is too short. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_long	Password cannot exceed 15 characters.
password	password_match_user_name	Password must be different from the email and username.
password	password_same_letters	Password has too many repeating characters. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_mix_characters	The password must have a combination of letters and digits.
bonusCode	invalid_bonus_code	The bonus code doesn’t exist in the system.
over18	over_18	The user didn’t mark the “over 18” field and/or sign the T&C.
currency	currency_unknown	The currency provided is unknown.
genericError	generic_error	The language provided is invalid.

{
  "auth_token": null,
  "result": [
    {
      "field": "loginName",
      "errorCode": "login_already_exists"
    },
    {
      "field": "email",
      "errorCode": "email_already_exists"
    },
    {
      "field": "currency",
      "errorCode": "currency_unknown"
    }
  ]
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
auth_token	UUID to be used when sending registration step two requst.

Open Rounds

Open Rounds Endpoints

This section will display all available endpoints to manage open rounds for a player.

Single Player Open Rounds

This method retrieves open rounds for a single player ( up tp 20 results)

Request (GET)

`/gateway/rounds/{version}/player/open/{brand_id}/{player_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino.
player_id	path	string	true	The ID of the player.
	Authorization header	string	true	AI Chat stored token

Response

Status 200

{
  "status": "Success",
  "data": {
    "total_open_rounds_count": 2,
    "open_rounds": [
      {
        "created_time": "2024-12-03 15:04:05",
        "game_id": 169000049,
        "bet_amount": 3,
        "round_id": "986ba9e06c9a447785512ac2a146880c",
        "game_name": "Mo Mo Moolah",
        "game_provider_name": "OneTouch"
      },
      {
        "created_time": "2024-12-03 15:04:05",
        "game_id": 153000233,
        "bet_amount": 2,
        "round_id": "6a7699aba93547a5a73512068a039229",
        "game_name": "Oriental Flower ",
        "game_provider_name": "Groove_Dragon"
      }
    ]
  }
}

// no open rounds found

{
  "status": "Success",
  "data": {
    "total_open_rounds_count": 0,
    "open_rounds": null
  }
}

Status 401 // Wrong authorization header sent

{
  "status": "Failure",
  "data": "",
  "message": "Access Denied",
  "user_friendly_message": ""
}

Status 408 // timeout

{
  "status": "Error",
  "data": "",
  "message": "request timed out",
  "user_friendly_message": ""
}

Status 500

{
  "status": "Error",
  "data": "",
  "message": "Internal Server Error",
  "user_friendly_message": ""
}

This method is used to close all open rounds for a single player and return to AI chat the response of the operation

Request (PUT)

`/gateway/rounds/{version}/player/close/aggregate/{brand_id}/{player_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino.
player_id	path	string	true	The ID of the player.
	Authorization header	string	true	AI Chat stored token

Response

Status 200

{
  "status": "Success",
  "data": {
    "failed_to_close_rounds": [],
    "successfully_closed_rounds": [
      {
        "round_id": "3"
      },
      {
        "round_id": "2"
      },
      {
        "round_id": "1"
      }
    ]
  }
}

Status 401 // Wrong authorization header sent

{
  "status": "Failure",
  "data": "",
  "message": "Access Denied",
  "user_friendly_message": ""
}

Status 408 // timeout

{
  "status": "Error",
  "data": "",
  "message": "request timed out",
  "user_friendly_message": ""
}

Status 424 // failed to close some of the open rounds for the player

{
  "status": "Failure",
  "data": {
    "failed_to_close_rounds": [
      {
        "round_id": "3"
      },
      {
        "round_id": "2"
      }
    ],
    "successfully_closed_rounds": [
      {
        "round_id": "1"
      }
    ]
  },
  "message": "unable to close all open rounds",
  "user_friendly_message": ""
}

Personal Data

Personal Data Endpoints

This section will display all available endpoints to get personal data.

Personal Details

This method returns the details for a player. Use this method to open your own personal details page for a user to update the user. use gateway.[msdomain]

Request (GET)

`/gateway/player-personal-details/player/details/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "firstName": "playerName",
  "lastName": "playerLastname",
  "birthdate": "1996-11-02 00:00:00",
  "gender": "F",
  "language": "en",
  "country": "AD",
  "city": "playerCity",
  "address": "playerAddress",
  "zipPostalCode": "1111",
  "phone": "countrycode-phonenumber",
  "eMail": {
    "eMailAdress": "playermael@domain.com",
    "isVerified": true
  },
  "optOut": {
    "chat": false,
    "sms": false,
    "email": true,
    "phone": true
  },
  "is2faRequired": true,
  "mobileVerificationStatus": 0,
  "mobileVerificationStatusDate": "2022-01-01 00:00:00",
  "mobileVerificationStatusChangedBy": "system",
  "pendingMobileNumber": "555-111111"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
firstName	Player first name.
lastName	Player last name.
birthdate	Player date of birth.
gender	Player gender (F/M).
language	Player emailing language.
country	Player country.
city	Player city.
address	Player address.
zipPostalCode	Player zip code.
phone	Player mobile number.
eMail.emailAddress	Player email address.
eMail.isVerified	Player email address verification status.
optOut.chat	Indication if player requested to not get contacted in chat.
optOut.sms	Indication if player requested to not get contacted in sms.
optOut.email	Indication if player requested to not get contacted in email.
optOut.phone	Indication if player requested to not get contacted in phone.
is2faRequired	Indication if player has set is account to require 2fa.
mobileVerificationStatus	Indication if player has confirmed his mobile number.
mobileVerificationStatusDate	Indication when player has confirmed his mobile number.
mobileVerificationStatusChangedBy	Indication who confirmed his mobile number.
pendingMobileNumber	Player phone number pending verification.

Request (PUT)

`/gateway/player-personal-details/player/details/{version}/{brand_id}`

Parameters:

{
  "lastName": "last",
  "firstName": "last",
  "birthdate": "2000-01-01",
  "gender": "M",
  "language": "en",
  "country": "IL",
  "city": "city",
  "address": "address",
  "zipPostalCode": "123123123",
  "phone": "12-1231231",
  "comment": "comment",
  "operator": "Player",
  "optOut": "{\"chat\": false}"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
lastName	body	string	false	Player new last name.
firstName	body	string	false	Player new first name.
birthdate	body	string	false	Player new birthdate (format YYYY-MM-DD).
gender	body	string	false	Player new gender (F/M).
country	body	string	false	Player new country.
city	body	string	false	Player new city.
address	body	string	false	Player new address.
zipPostalCode	body	string	false	Player new zip code.
phone	body	string	false	Player new mobile number.
optOut.sms	body	bool	false	Player new sms opt out status.
optOut.chat	body	bool	false	Player new chat opt out status.
optOut.email	body	bool	false	Player new email opt out status.
optOut.phone	body	bool	false	Player new phone opt out status.

Response

Status 204 (No Content)

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 400

{
  "errMsg": "invalid input"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 403 (When trying to update mobile number while verification is enabled - 2fa/verification)

{
  "status": "mobile_verification_required",
  "data": {
    "mobile_number": "09a21de0-a6c2-11ed-94a8-8a19e0bf9728",
    "2fa_auth_token": "221-34535345"
  }
}

Status 404

{
  "errMsg": "Player Personal Details not found"
}

Status 500

{
  "result": "internal server error"
}

Custom Fields

This method returns the details for a player. Use this method to open your own personal details page for a user to update the user. use gateway.[msdomain]

Request (GET)

`/gateway/player-personal-details/{version}/custom-fields/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player unique login session id.

Response

Status 200

{
  "strCustomFields": [
    {
      "id": "string",
      "name": "string",
      "value": "string"
    }
  ],
  "intCustomFields": [
    {
      "id": "string",
      "name": "string",
      "value": 0
    }
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Request (PUT)

`/gateway/player-personal-details/{version}/custom-fields/{brand_id}`

Parameters:

{
  "strCustomFields": [
    {
      "id": "string",
      "name": "string",
      "value": "string"
    }
  ],
  "intCustomFields": [
    {
      "id": "string",
      "name": "string",
      "value": 0
    }
  ]
}

Response

Status 200

{
  "result": "success"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 400

{
  "errMsg": "invalid input"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Update Player Email

This method updates a player’s email address.

The new email address is placed in a pending status until the player verifies it. The system sends a verification email that contains a verificaton link to the player’s new and old email addresses. use gateway.[msdomain]

Request (POST)

`/gateway/player-personal-details/player/details/emailUpdate/{version}/{brand_id}`

{
  "email": "aaa@aaa.com",
  "comment": "test"
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
eMail	body	string	true	Player new email.
comment	body	string	false	Comment to insert during update, if not set, default is: player request.

Response

Status 204 (No content)

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 404

{
  "errMsg": "Player Personal Email not found"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Error Code	Description
email	email_required	An email address is required.
email	email_syntax_error	The email syntax is wrong. Format is aaa@bbb.ccc.
email	email_fraud	The mail domain will be checked against a fraud list (test players qqtst_ will not be checked).
email	email_already_exists	Email already exists.
email	email_long	Email to long.
email	invalid_email	Email entered is invalid.

{
  "result": [
    {
      "field": "email",
      "errorCode": "invalid_email"
    }
  ]
}

Status 500

{
  "result": "internal server error"
}

Forgot Password

This method sends a password reset email to a player. use gateway.[msdomain]

Request (POST)

`/gateway/admission/{version}/forgot/password/{brand_id}`

Parameters:

{
  "mail": "string"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
mail	body	string	true	player email to send a link for reset password to.

Response

Status 201

{
  "message_format": "forgot_email_sent"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

{
  "message_format": "email_required"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
message_format	Message format to be displayed taken from Message Format.

Verify Password

This method sends a password reset email to a player. use gateway.[msdomain]

Request (PUT)

`/gateway/admission/{version}/verify/password/{brand_id}`

Parameters:

{
  "new_password": "string"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
hash	query	string	true	unique hash to identify request.
new_password	body	string	true	Player request for new password.

Response

Status 200

{
  "message_format": "password_successfully_changed"
}

Status 202

{
  "token": "sdfsdf-sdfsdf-sdf-sdf-sdf",
  "message_format": "password_successfully_changed"
}

Status 400

{
  "message_format": "general_failure"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
message_format	Message format to be displayed taken from Message Format.
token	Login session to be used for following calls, if token returns and not empty, that means login process was successful.

Change Password

This method sends a password reset email to a player. use gateway.[msdomain]

Request (PUT)

`/gateway/admission/{version}/player/{brand_id}/change/password`

Parameters:

{
  "old_password": "string",
  "new_password": "string"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
old_password	body	string	true	player old password for verification.
new_password	body	string	true	player new password.

Response

Status 202

{
  "message_format": "password_replaced"
}

Status 303

{
  "“message_format”": "“tnc_approval_required”"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Error Code	Description
password	password_short	The password is too short. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_long	Password cannot exceed 15 characters.
password	password_match_user_name	Password must be different from the email and username.
password	password_same_letters	Password has too many repeating characters. It must have at least 8 characters, including a combination of digits and letters. It should also contain at least 4 different characters.
password	password_mix_characters	The password must have a combination of letters and digits.
password	wrong_old_password	The verification password entered is not valid.

{
  "message_format": "wrong_old_password"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
message_format	Message format to be displayed taken from Message Format.

Resend Activation Email

This method send activation email to player for email verification. use gateway.[msdomain]

Request (PUT)

`/gateway/admission/{version}/resend/activation/email/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.

Response

{
  "msg": "Activation Email was sent."
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
msg	Successful message.

Sign TnC

This method indicates that the user has signed the T&C. use gateway.[msdomain] Need to call this method once player approves the T&C. Error regarding approval required will be returned if player has not signed the T&C Or Privacy Policy. Error can be returned from the following endpoints:

Login
Get Payment Methods
Start Game
Get Player Status
Get Player Info

Request (POST)

`/gateway/player/multi/{version}/sign/tnc`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
x-auth-token	header	string	true	Player login session.
brand_id	body	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
player_id	body	string	true	Player unique ID.
language	body	string	true	Player current language on site.
type	body	string	true	One of the following: tnc/privacy, will indicate on what the player has signed.

Response

Status 201

successfully signed TNC

Status 303, in case of player needs to sign both TnC and Privacy Policy, on first approval of TnC, the response will be:

{
  "sign: ": [
    "privacy_policy"
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Online Player Status

This method returns data about an online player. use gateway.[msdomain]

Request (GET)

`/gateway/online-player/{version}/player/{brand_id}/online/status`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "marketingSegmentation": "10",
  "tag_status": 100,
  "deposit_count": 1,
  "vip_level": "Bronze",
  "average_deposit": 44,
  "billboard": "",
  "segmentation_id": 1,
  "maxBalance": 93604,
  "UT": 1,
  "decline": "0",
  "VIP_segment": 1,
  "total_balance": 936.04,
  "pending_withdrawal": 44,
  "total_withdrawals": 0,
  "last_bet": "2022-01-01 00:00:01",
  "last_deposit": "2022-01-01 00:00:01",
  "last_deposit_amount": 44,
  "rounds_since_login": 0,
  "balance_since_login": 0,
  "playerIdLink": "https://cbo2.aaa.com/players/123456789",
  "bonusOptOut": 0,
  "real_balance": 906.04,
  "freeTraffic": false,
  "depositsAmount": 44,
  "chat_opt_out": false,
  "bonusBalance": 30.0,
  "maxWin": 12.0,
  "wageringBalance": 1540.12,
  "wageringComplete": ""
}

Status 303, in case of reality check enabled for player and time has passed

{
  "currency": "EUR",
  "profit": 10,
  "total_bets": 200,
  "total_wins": 300,
  "total_lossed": 0,
  "restart_period": "15_min",
  "time_played": "1 hour 15 minutes",
  "min": "15",
  "h": "1"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response, in case of some addition requirement needed before proceeding

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

{
  "result": "INCOMPLETE_REGISTRATION"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
marketingSegmentation	player marketing segmentation.
vip_level	player vip level.
VIP_segment	player vip segmentation.
total_balance	current player balance (including bonuses).
lastBet	player last time of wager.
lastDeposit	player last time of deposit.
realBalance	player real money in balance
bonusBalance	player bonus money in balance
wageringBalance	player remaining wagering money
wageringComplete	indication if player has recently had wagering completed event (0/1)
maxWin	wagering complete max win of bonuses which had wagering completion
wageringCompleteInfoPath	path for wagering complete event details, need to add gateway domain for request - gateway.[msdomain], format will be: ‘/gateway/bonus/{version}/wagering-complete/{brand_id}/{player_id}/{unique_ref_id}’
is_missing_player_details	indication if player has missing details, need to ask to fill details before deposit call

Online Player Info

This method returns data about an online player. use gateway.[msdomain]

Request (GET)

`/gateway/online-player/{version}/{brand_id}/player/info`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "playerID": {
    "username": "itamar1",
    "ID": 33003139,
    "brand": 1
  },
  "firstName": "nadya",
  "lastName": "mag",
  "gender": "F",
  "email": "itamar1@me.com",
  "vip_level": 1,
  "country": "IT",
  "test_account": 0,
  "currencyName": "EUR",
  "currencySymbol": "€",
  "bTag": "PQ4YXsO2q5kWqcfzu"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response, in case of some addition requirement needed before proceeding

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

{
  "result": "INCOMPLETE_REGISTRATION"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
playerID.ID	player unique ID in system.

Player Status During Game

This method returns data about an online player. use gateway.[msdomain]

Request (GET)

`/gateway/online-player/{version}/player/{brand_id}/online/ingame/status/{game_session_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
game_session_id	path	string	true	Unique session ID provider by start game request.

Response

Status 200

{
  "marketingSegmentation": "10",
  "tag_status": 100,
  "deposit_count": 1,
  "vip_level": "Bronze",
  "average_deposit": 44,
  "billboard": "",
  "segmentation_id": 1,
  "maxBalance": 93604,
  "UT": 1,
  "decline": "0",
  "VIP_segment": 1,
  "total_balance": 936.04,
  "pending_withdrawal": 44,
  "total_withdrawals": 0,
  "last_bet": "2022-01-01 00:00:01",
  "last_deposit": "2022-01-01 00:00:01",
  "last_deposit_amount": 44,
  "rounds_since_login": 0,
  "balance_since_login": 0,
  "playerIdLink": "https://cbo2.aaa.com/players/123456789",
  "bonusOptOut": 0,
  "real_balance": 906.04,
  "freeTraffic": false,
  "depositsAmount": 44,
  "chat_opt_out": false
}

Status 303, in case of reality check enabled for player and time has passed

{
  "currency": "EUR",
  "profit": 10,
  "restart_period": "15_min",
  "time_played": "1 hour 15 minutes",
  "min": "15",
  "h": "1"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response, in case of some addition requirement needed before proceeding

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

{
  "result": "INCOMPLETE_REGISTRATION"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
marketingSegmentation	player marketing segmentation.
vip_level	player vip level.
VIP_segment	player vip segmentation.
total_balance	current player balance (including bonuses).
last_bet	player last time of wager.
last_deposit	player last time of deposit.
real_balance	player real money in balance

Two-Factor Authentication

Two-Factor Authentication Endpoints

This section will display all player endpoints.

Email

Email 2fa Endpoints

Player withdraws with 2fa enabled Withdraw
Player sends the 2fa code to validate it Validate 2fa
The player can resend code if needed Resend 2fa

Send Code

Endpoint that is used to send code to player, part of the verification of the player.

Request (POST)

`/gateway/player-data/{version}/send/code/{brand_id}`

Parameters:

{
  "auth_type": "email"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
request-id	header	string	true	the request id, which will be received in the response of withdraw process API.

Response

Status 200

200 Response

{
  "status": "Success",
  "data": {
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 429

{
  "errMsg": "too many requests"
}

Status 500

{
  "result": "internal server error"
}

Validate Code

Request (PUT)

`/gateway/player-data/{version}/validate/code/{brand_id}`

Parameters:

{
  "auth_type": "email",
  "code": "123456"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
request-id	header	string	true	the request id, which will be received in the response of withdraw process API.
code	body	string	true	received code from player.

Response

Status 200

200 Response

{
  "status": "Success",
  "data": {}
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 422 - this meanning that the code is not valid

{
  "status": "Error",
  "data": {
    "success": "false"
  }
}

Status 429

{
  "errMsg": "too many requests"
}

Status 500

{
  "result": "internal server error"
}

SMS

SMS 2fa Endpoints

This section will display all available endpoints to get 2fa data.

These following scenarios will be covered:

Player Update mobile(And 2fa is required) Personal Details
Player enables 2fa using Update Player Mobile Data
Player login with 2fa enabled (and 2fa token is not sent) Login

In all of the scenarios, response will contain forbidden status(403), and 2fa_auth_token. for all the following requests, 2fa_auth_token should be sent in the header.

Send Code

Endpoint that is used to send code to player, part of the verification of the player.

Request (POST)

`/gateway/player-data/{version}/send/code/{brand_id}`

Parameters:

{
  "mobile_number": "44-123456789"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
2fa-auth-token	header	string	true	2fa auth token, which will be saved in browser.
mobile_number	body	string	true	Player request phone number.

Response

Status 200

200 Response

{
  "status": "Success",
  "data": {
    "description": "Success",
    "2fa_auth_token": "c8bfd06c-f934-4cb9-a554-694825b89328"
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Description
2fa-auth-token	Auth Token is already verified
description	Please wait before sending again
description	Please wait before sending again in %d seconds
description	Authentication attempts limit exceeded
description	Auth token does not exist
remaining_time*	Seconds left before additional call will be allowed (Optional)

{
  "status": "Failed",
  "data": {
    "description": "Please wait before sending again in 50 seconds",
    "2fa_auth_token": "c8bfd06c-f934-4cb9-a554-694825b89328",
    "remaining_time": 50
  }
}

Status 500

{
  "result": "internal server error"
}

Validate Code

Endpoint that is used to validate code from player, part of the verification of the player. Please not, we are executing login if 2fa was successfully validated, response within the ‘data’ section will contain same response as we currently have in login method (on success with additional fields), all additional validations that needs to be done (i.e TNC_REQUIRED) will be returned in the 422 error code under data section, with player token as well, can be used

Request (PUT)

`/gateway/player-data/{version}/validate/code/{brand_id}`

Parameters:

{
  "sms_code": "123456"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
2fa-auth-token	header	string	true	2fa auth token, which will be saved in browser.
sms_code	body	string	true	received code from player.

Response

Status 200

200 Response

{
  "status": "Success",
  "data": {
    "description": "Valid",
    "2fa_auth_token": "c8bfd06c-f934-4cb9-a554-694825b89328",
    "updated_fields": {
      "mobile_number": "44-12456789",
      "verification_status": "1"
    },
    "result": "OK",
    "token": "8e62cc96-a21f-11ed-be7e-b289e620c23d",
    "auth_token": "8e62cc96-a21f-11ed-be7e-b289e620c23d",
    "status": 200
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Description
2fa-auth-token	Auth Token is already verified
2fa-auth-token	Auth token does not exist

{
  "status": "Error",
  "data": {
    "description": "Please wait before sending again in 50 seconds",
    "2fa_auth_token": "c8bfd06c-f934-4cb9-a554-694825b89328"
  }
}

Status 500

{
  "result": "internal server error"
}

Get Player Mobile Data

Endpoint that is used to get player mobile data.

Request (GET)

`/gateway/player-data/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.

Response

200 Response

{
  "status": "Success",
  "data": {
    "brand_id": 1009,
    "player_id": 32574,
    "is_2fa_required": true,
    "mobile": {
      "number": "44-123456789",
      "verification_status": 1,
      "status": "Active",
      "status_comment": "Comment"
    }
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Update Player Mobile Data

Endpoint that is used to update player mobile data.

Request (PUT)

`/gateway/player-data/{version}/send/code/{brand_id}`

Parameters:

{
  "brand_id": 1009,
  "player_id": 32574,
  "is_2fa_required": true,
  "mobile": {
    "number": "44-123456789",
    "status_comment": "Comment"
  }
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.

Response

200 Response

{
  "status": "Success",
  "data": null
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 403

{
  "status": "Error",
  "data": {
    "data": "194eba0c-a6f0-11ed-aca7-caa409abce86"
  },
  "message": "Mobile verification required",
  "userFriendlyMessage": "Mobile verification required"
}

Status 500

{
  "result": "internal server error"
}

KYC Identification

KYC Identification Endpoints

This section will display all available endpoints to get KYC data (Identification URL, Status).

KYC Identification URL

KYC Identification URL (GET)

`/gateway/threat-assessment/{version}/kyc/{brand_id}/identification/url`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use
brand_id	path	int	true	Brand identifier
Identification-token	header	string	true	MD5 hash token for identification(return on login response or on identification status response)
lang	query	string	false	Language code (default: en)

Note: There are 20 attempts allowed per identification journey within 24 hours, counted from the time of the first attempt.

Response

Name	Type	Description
journey_id	string	Unique identifier for the KYC journey
url	string	URL for KYC identification session
qr_code	string	QR code for KYC identification session (Base64 encoded)
session_id	string	Unique session identifier for KYC identification

Status 200

{
  "status": "Success",
  "data": {
    "journey_id": "test-journey-id",
    "url": "http://example.com/APIHandler/idshostSession/?sessionID=test-session-id&lang=en",
    "qr_code": "uhisdgfjasgjhgd",
    "session_id": "test-session-id"
  }
}

Status 400

{
  "status": "Error",
  "message": "Bad Request",
  "user_friendly_message": "token parameter is required for identification token validation"
}

> Status 403

```json
{
  "status": "Error",
  "message": "Journey is not allowed",
  "user_friendly_message": "Journey is not allowed for this player"
}

Status 429

{
  "status": "Error",
  "message": "Attempt limit reached",
  "user_friendly_message": "Attempt limit reached, please try again later"
}

Status 500

{
  "status": "Error",
  "data": null,
  "message": "Internal server error",
  "user_friendly_message": "Failed to get KYC ID scan URL"
}

KYC Identification Status

KYC Identification Status (GET)

`/gateway/threat-assessment/:version/kyc/:brand_id/identification/status`

Parameters:

Name	In	Type	Required	Description
brand_id	path	int	true	Brand identifier
version	path	string	true	The API version to use.
x-auth-token	header	string	false	Player auth token from Login response
Identification-token	header	string	false	Identification token returned by Login or Identification Status

Note: Provide exactly one of the headers x-auth-token or Identification-token per request. Only one is required.

Response

Name	Type	Description
brand_id	int	The ID of the brand.
player_id	int	The ID of the player.
initialization_date	string	The date when the KYC process was initialized (YYYY-MM-DD HH:MM:SS).
initialized	boolean	Indicates if the KYC process has been initialized.
remaining_days	int	The number of days remaining for KYC completion. If 0, KYC is complete or expired.
id_status	string	The status of the identification (Approved, Pending, N/A, Rejected, Expired, Under Review).
poa_status	string	The status of the proof of address (Approved, Pending, N/A, Rejected, Expired, Under Review).
documents_required	boolean	Indicates if additional documents are required for KYC completion.
token	string	token to send as header `Identification-token` to the KYC Identification URL; empty string when `documents_required` is false

Status 200

{
  "status": "Success",
  "data": {
    "brand_id": 2,
    "player_id": 100,
    "initialization_date": "2024-01-15 10:30:00",
    "initialized": true,
    "remaining_days": 0,
    "id_status": "Approved",
    "poa_status": "Approved",
    "documents_required": false,
    "identification-token": ""
  }
}

Status 200 (Documents Required)

{
  "status": "Success",
  "data": {
    "brand_id": 2,
    "player_id": 102,
    "initialization_date": "2024-01-15 10:30:00",
    "initialized": true,
    "remaining_days": 12,
    "id_status": "Approved",
    "poa_status": "N/A",
    "documents_required": true,
    "identification-token": "35401810700b872c0ac8ccc3a8686291"
  }
}

Status 400

{
    "status": "Error",
    "data": "",
    "message": "Bad Request",
    "userFriendlyMessage": "token parameter is required for identification token validation"
}

Status 401 - x-auth-token used

{
    "status": "Error",
    "data": {
        "errMsg": "invalid input - invalid token"
    },
    "message": "authentication failed",
    "userFriendlyMessage": "Authentication failed"
}

Status 401 - Identification-token used

{
    "status": "Error",
    "data": "",
    "message": "Unauthorized",
    "userFriendlyMessage": "token is not associated with any player"
}

Status 500

{
  "status": "Error",
  "data": null,
  "message": "Internal server error",
  "user_friendly_message": "Failed to get player identification status"
}

Notifications

Info

Draft Documentation - This section is currently under review and may be subject to changes.

Notification Center Endpoints

This section displays all available endpoints for the notification center system. The notification center allows players to receive, view, and manage in-app notifications for various events such as bonuses, promotions, and account updates.

Service: go_marketing Routes: Configured in go_gateway

Features

Real-time notification delivery via SSE (Server-Sent Events)
Retrieve all player notifications or filter for unread only
Mark individual or multiple notifications as read
90-day notification retention window
Flexible event data structure supporting various notification types

Available Operations

GET - Retrieve player notifications (all or unread only)
PATCH - Mark notifications as read

Note: POST (creating notifications) is an internal operation only and not exposed via the gateway.

Get Notifications

Info

Draft Documentation - This section is currently under review and may be subject to changes.

This method retrieves all notifications for a player, with an optional filter for unread notifications only. Notifications are retained for 90 days and returned in descending order (newest first).

Request (GET)

`/gateway/notifications/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use (e.g., “1.0”).
brand_id	path	int	true	The ID of the casino brand.
only_unread	query	boolean	false	If true, returns only unread notifications. Defaults to false (all).

Headers:

Name	Type	Required	Description
x-auth-token	string	true	Player authentication token.

Response

Status 200

{
  "status": "Success",
  "data": {
    "notifications": [
      {
        "message_id": "a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c",
        "brand_id": 1001,
        "player_id": 12345,
        "event": "bonus_granted",
        "event_details": {
          "bonus_amount": 100,
          "bonus_type": "welcome",
          "currency": "USD"
        },
        "is_read": false,
        "time": "2025-10-22 14:30:45"
      },
      {
        "message_id": "b8e9d045-2c3e-5f6g-0d9b-8e7f6g5b4c3d",
        "brand_id": 1001,
        "player_id": 12345,
        "event": "promotion_available",
        "event_details": {
          "promo_id": "PROMO123",
          "expires_at": "2025-11-15",
          "conditions": {
            "min_bet": 100,
            "multiplier": 3
          }
        },
        "is_read": true,
        "time": "2025-10-21 10:15:30"
      }
    ],
    "total_count": 2
  }
}

Response Parameters:

Name	Type	Description
notifications	array	Array of notification objects.
notifications.message_id	string	Unique notification identifier (UUID).
notifications.brand_id	int	Brand identifier.
notifications.player_id	int	Player identifier.
notifications.event	string	Event type (e.g., “bonus_granted”, “promotion_available”).
notifications.event_details	object	Event-specific data (flexible JSON object).
notifications.is_read	boolean	Whether the notification has been read.
notifications.time	string	Notification timestamp in format “YYYY-MM-DD HH:MM:SS”.
total_count	int	Total number of notifications returned.

Example: Get Unread Notifications Only

Request:

GET /notifications/1.0/1001/12345?only_unread=true
x-auth-token: e74af034-a346-4d5c-be97-f7ed83f373a7

Response:

{
  "status": "Success",
  "data": {
    "notifications": [
      {
        "message_id": "a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c",
        "brand_id": 1001,
        "player_id": 12345,
        "event": "bonus_granted",
        "event_details": {
          "bonus_amount": 100,
          "bonus_type": "welcome"
        },
        "is_read": false,
        "time": "2025-10-22 14:30:45"
      }
    ],
    "total_count": 1
  }
}

Status 401

{
  "status": "error",
  "message": "Unauthorized - Invalid or missing authentication token"
}

Status 500

{
  "status": "error",
  "message": "Internal server error"
}

Notes

Notifications are automatically deleted after 90 days.
Results are ordered by time in descending order (newest first).
The event_details field is flexible and can contain any event-specific data as a JSON object.
Common event types include: bonus_granted, promotion_available, deposit_success, kyc_approved, account_update.

Mark Notifications as Read

Info

Draft Documentation - This section is currently under review and may be subject to changes.

This method marks one or more notifications as read for a player. Multiple notifications can be updated in a single request by providing an array of message IDs.

Request (PATCH)

`/gateway/notifications/{version}/{brand_id}`

{
  "message_ids": [
    "a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c",
    "b8e9d045-2c3e-5f6g-0d9b-8e7f6g5b4c3d",
    "c9f0e156-3d4f-6g7h-1e0c-9f8g7h6c5d4e"
  ]
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use (e.g., “1.0”).
brand_id	path	int	true	The ID of the casino brand.
message_ids	body	array	true	Array of notification message IDs (UUIDs) to mark as read.

Headers:

Name	Type	Required	Description
x-auth-token	string	true	Player authentication token.

Response

Status 200

{
  "status": "Success",
  "data": {
    "message": "notification was successfully updated"
  }
}

Response Parameters:

Name	Type	Description
status	string	Operation status (“Success”).
message	string	Confirmation message.

Example: Mark Single Notification as Read

Request:

{
  "message_ids": [
    "a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c"
  ]
}

Response:

{
  "status": "Success",
  "data": {
    "message": "notification was successfully updated"
  }
}

Example: Mark Multiple Notifications as Read

Request:

{
  "message_ids": [
    "a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c",
    "b8e9d045-2c3e-5f6g-0d9b-8e7f6g5b4c3d",
    "c9f0e156-3d4f-6g7h-1e0c-9f8g7h6c5d4e"
  ]
}

Response:

{
  "status": "Success",
  "data": {
    "message": "notification was successfully updated"
  }
}

Status 400

{
  "status": "error",
  "message": "Bad Request - Invalid request body or missing message_ids"
}

Status 401

{
  "status": "error",
  "message": "Unauthorized - Invalid or missing authentication token"
}

Status 500

{
  "status": "error",
  "message": "Internal server error"
}

Notes

This operation updates the is_read flag to true and sets the update_time to the current timestamp.
Marking an already-read notification as read again has no effect (idempotent operation).
The operation uses a database transaction with rollback handling to ensure data integrity.
Non-existent message IDs in the array are silently ignored.
Empty message_ids array will return a 400 error.

Server-Sent Events (SSE)

Info

Draft Documentation - This section is currently under review and may be subject to changes.

Server-Sent Events (SSE) Endpoints

This section displays the Server-Sent Events (SSE) implementation for real-time player notifications. SSE provides a one-way communication channel from the server to the client, enabling instant delivery of notifications and updates without the need for polling.

Service: go_gateway Protocol: HTTP with text/event-stream content type

Overview

The SSE system allows players to maintain a persistent connection to receive real-time events as they occur. Events are published via Redis Pub/Sub and delivered to all connected clients subscribed to the player’s event stream.

Features

Real-time Delivery: Instant notification delivery as events occur
Connection Management: Automatic keep-alive heartbeats every 15 seconds
Multi-tenant Support: Separate event channels per brand and player
Scalability: Connection limit configuration (default: 50,000 concurrent connections)
Resilience: Automatic reconnection handling and buffered event delivery
Event Types: Extensible event system supporting various notification types

Architecture

Client → SSE Connection → Gateway → Redis Pub/Sub → Event Publishers

Event Channel Pattern: SSE::{brand_id}::{player_id}

Available Operations

GET - Establish SSE connection and receive real-time events

Event Types

The SSE system currently supports the following event types:

notification - In-app notifications (bonuses, promotions, account updates)

Additional event types can be added as the platform evolves.

Connection Lifecycle

Client initiates SSE connection with authentication token
Gateway validates brand and player authentication
Initial “connected” event sent to client
Event subscription established to Redis channel
Keep-alive heartbeats sent every 15 seconds
Events published to Redis are immediately forwarded to client
Connection remains open until client disconnects or error occurs

Configuration

Parameter	Default	Description
SSE_CONNECTION_LIMIT	50000	Maximum concurrent SSE connections
EVENTS_REDIS_STORAGE	-	Redis host for SSE event publishing
keepAlivePeriod	15s	Heartbeat interval for connection health
eventChannelBufferSize	50	Event buffer size for burst handling

SSE Stream Connection

Info

Draft Documentation - This section is currently under review and may be subject to changes.

This endpoint establishes a Server-Sent Events (SSE) connection for receiving real-time notifications and updates. The connection remains open indefinitely, with automatic keep-alive heartbeats every 15 seconds.

Request (GET)

`/gateway/sse/{brand_id}/stream`

Parameters:

Name	In	Type	Required	Description
brand_id	path	int	true	The ID of the casino brand.

Headers:

Name	Type	Required	Description
x-auth-token	string	true	Player authentication token.
Accept	string	true	Must be set to `text/event-stream`.

Response

Status 200 (Connection Established)

Content-Type: text/event-stream; charset=utf-8

Initial Connection Message

Upon successful connection, the server sends an initial “connected” event:

data: {"type":"connected","timestamp":"2025-10-22T14:30:45Z"}

Connected Message Format:

Field	Type	Description
type	string	Event type (“connected”).
timestamp	string	ISO 8601 timestamp in RFC3339 format.

Keep-alive Messages

The server sends keep-alive heartbeats every 15 seconds to maintain the connection:

: keepalive 2025-10-22 14:30:45
data: {"type":"keepalive","timestamp":"2025-10-22 14:30:45"}

Keep-alive Message Format:

Field	Type	Description
type	string	Event type (“keepalive”).
timestamp	string	Timestamp in format “YYYY-MM-DD HH:MM:SS”.

Note: The first line (starting with :) is an SSE comment containing the timestamp. The second line contains the JSON data payload.

Event Messages

When events occur, they are immediately pushed to the client:

data: {"brand_id":1001,"player_id":12345,"event_type":"notification","event_data":{"message_id":"a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c","event":"bonus_granted","event_details":{"bonus_amount":100,"bonus_type":"welcome"}}}

Event Message Format:

Field	Type	Description
brand_id	int	Brand identifier.
player_id	int	Player identifier.
event_type	string	Type of event (e.g., “notification”).
event_data	object	Event-specific data payload (structure varies by type).

Example Connection Flow

1. Client Initiates Connection

const eventSource = new EventSource(
  '/gateway/sse/1001/stream',
  {
    headers: {
      'x-auth-token': 'e74af034-a346-4d5c-be97-f7ed83f373a7'
    }
  }
);

eventSource.onmessage = (event) => {
  const data = JSON.parse(event.data);
  console.log('Received event:', data);
};

eventSource.onerror = (error) => {
  console.error('SSE connection error:', error);
};

2. Server Sends Connected Event

data: {"type":"connected","timestamp":"2025-10-22T14:30:45Z"}

3. Server Sends Keep-alive (every 15 seconds)

: keepalive 2025-10-22 14:31:00
data: {"type":"keepalive","timestamp":"2025-10-22 14:31:00"}

4. Server Sends Real Event (when published)

data: {"brand_id":1001,"player_id":12345,"event_type":"notification","event_data":{"message_id":"a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c","event":"bonus_granted","event_details":{"bonus_amount":100,"bonus_type":"welcome","currency":"USD"}}}

Error Responses

Status 400

{
  "status": "error",
  "message": "Bad Request - Invalid brand_id"
}

Status 401

{
  "status": "error",
  "message": "Unauthorized - Invalid or missing authentication token"
}

Status 429

{
  "status": "error",
  "message": "Too Many Requests - Connection limit reached"
}

Note: When the connection limit (SSE_CONNECTION_LIMIT) is reached, new connection attempts will be rejected with a 429 status code.

SSE Error Event (during active connection)

If an error occurs during an active connection, the server may send an error event:

data: {"type":"error","message":"Failed to subscribe to events"}

Connection Management

Connection Limits

Default Limit: 50,000 concurrent connections
Configuration: Set via SSE_CONNECTION_LIMIT environment variable
Behavior: When limit is reached, new connections receive HTTP 429

Connection Termination

Connections can be terminated by:

Client Disconnect: Client closes the connection
Server Error: Internal server error or Redis subscription failure
Network Issue: Network interruption or timeout
Authentication Expiry: Player token expires (requires reconnection)

Reconnection Strategy

Clients should implement automatic reconnection with exponential backoff:

let retryDelay = 1000; // Start with 1 second

eventSource.onerror = () => {
  eventSource.close();

  setTimeout(() => {
    // Reconnect
    eventSource = new EventSource('/gateway/sse/1001/stream', {
      headers: { 'x-auth-token': token }
    });

    // Increase delay for next retry (up to 30 seconds)
    retryDelay = Math.min(retryDelay * 2, 30000);
  }, retryDelay);
};

Implementation Notes

Redis Channel Pattern: Events are published to SSE::{brand_id}::{player_id}
Event Buffer: Server maintains a 50-event buffer to handle bursts
Keep-alive Interval: 15 seconds (prevents connection timeout)
HTTP Headers: Connection includes CORS headers and disables buffering
Player Context: Player ID is automatically extracted from the authentication token
Multi-instance Support: Works across multiple gateway instances via Redis Pub/Sub

Best Practices

Single Connection: Maintain only one SSE connection per player session
Handle Reconnection: Implement automatic reconnection with backoff
Parse Events: Always parse the JSON data payload for event handling
Monitor Keep-alive: Use keep-alive messages to detect connection health
Close on Logout: Explicitly close the SSE connection when player logs out
Error Handling: Implement proper error handling for network issues

SSE Events

Info

Draft Documentation - This section is currently under review and may be subject to changes.

SSE Event Types

This section documents the various event types that can be delivered via Server-Sent Events (SSE). Each event type has a specific structure and purpose.

Overview

SSE events are published to Redis using the channel pattern SSE::{brand_id}::{player_id} and delivered in real-time to connected clients. All events follow a consistent base structure with event-specific data payloads.

Event Structure

All SSE events (excluding system events like “connected” and “keepalive”) follow this structure:

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "notification",
  "event_data": {
    // Event-specific payload
  }
}

Base Fields

Field	Type	Description
brand_id	int	The casino brand identifier.
player_id	int	The player identifier.
event_type	string	The type of event (e.g., “notification”).
event_data	object	Event-specific data (structure varies by type).

System Events

These events are sent by the SSE system itself for connection management:

Connected Event

Sent immediately upon successful SSE connection establishment.

{
  "type": "connected",
  "timestamp": "2025-10-22T14:30:45Z"
}

Keep-alive Event

Sent every 15 seconds to maintain the connection.

: keepalive 2025-10-22 14:30:45
data: {"type":"keepalive","timestamp":"2025-10-22 14:30:45"}

Error Event

Sent when an error occurs during the SSE connection.

{
  "type": "error",
  "message": "Failed to subscribe to events"
}

Application Events

These events are published by various services in the platform:

Currently Available Events

notification - In-app notification events for bonuses, promotions, and account updates
gamification_balance_update - Real-time gamification coin balance updates

Event Publishing

Events are published by backend services using the SSE service from go_casino_kit:

sseService.Publish(ctx, brandID, playerID, eventType, eventData)

This publishes to the Redis channel SSE::{brandID}::{playerID}, which the gateway listens to and forwards to connected clients.

Future Event Types

The SSE system is designed to be extensible. Future event types may include:

wallet_balance_update - Real-time wallet balance changes
game_result - Game round results and wins
tournament_update - Tournament status and leaderboard changes
message - Direct messages from support or system
promotion_trigger - Personalized promotion availability

Implementation Notes

All events are delivered in real-time (typically < 100ms latency)
Events are not persisted - if a client is disconnected, events during that time are lost
Each event is delivered as a separate SSE message with data: prefix
Events are JSON-formatted for easy parsing
Multiple events can be sent in rapid succession (buffer size: 50 events)

Notification Event

Info

Draft Documentation - This section is currently under review and may be subject to changes.

The notification event is sent via SSE when a new in-app notification is created for a player. This provides real-time delivery of important updates such as bonuses, promotions, account changes, and other player-relevant information.

Event Type

event_type: notification

Event Structure

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "notification",
  "event_data": {
    "message_id": "a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c",
    "event": "bonus_granted",
    "event_details": {
      "bonus_amount": 100,
      "bonus_type": "welcome",
      "currency": "USD"
    },
    "is_read": false,
    "time": "2025-10-22 14:30:45"
  }
}

Fields

Base Event Fields

Field	Type	Description
brand_id	int	The casino brand identifier.
player_id	int	The player identifier.
event_type	string	Always “notification” for this event type.
event_data	object	Notification-specific data (see below).

Event Data Fields

Field	Type	Description
message_id	string	Unique notification identifier (UUID).
event	string	Notification event type (e.g., “bonus_granted”, “promotion_available”).
event_details	object	Event-specific details (flexible JSON structure).
is_read	boolean	Whether the notification has been read (always false for new notifications).
time	string	Notification creation timestamp in format “YYYY-MM-DD HH:MM:SS”.

Event Examples

Example 1: Bonus Granted Notification

This notification is sent when a player receives a bonus.

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "notification",
  "event_data": {
    "message_id": "a7f8c934-1b2d-4e5f-9c8a-7d6e5f4a3b2c",
    "event": "bonus_granted",
    "event_details": {
      "bonus_amount": 100,
      "bonus_type": "welcome",
      "currency": "USD",
      "bonus_id": 789
    },
    "is_read": false,
    "time": "2025-10-22 14:30:45"
  }
}

Example 2: Promotion Available Notification

This notification is sent when a new promotion becomes available for a player.

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "notification",
  "event_data": {
    "message_id": "b8e9d045-2c3e-5f6g-0d9b-8e7f6g5b4c3d",
    "event": "promotion_available",
    "event_details": {
      "promo_id": "PROMO123",
      "promo_name": "Weekend Reload Bonus",
      "expires_at": "2025-11-15",
      "conditions": {
        "min_bet": 100,
        "multiplier": 3,
        "max_bonus": 500
      }
    },
    "is_read": false,
    "time": "2025-10-22 15:00:00"
  }
}

Example 3: Deposit Success Notification

This notification is sent after a successful deposit.

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "notification",
  "event_data": {
    "message_id": "c9f0e156-3d4f-6g7h-1e0c-9f8g7h6c5d4e",
    "event": "deposit_success",
    "event_details": {
      "amount": 250.00,
      "currency": "USD",
      "payment_method": "credit_card",
      "transaction_id": "TXN987654"
    },
    "is_read": false,
    "time": "2025-10-22 16:15:30"
  }
}

Example 4: KYC Approved Notification

This notification is sent when KYC verification is approved.

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "notification",
  "event_data": {
    "message_id": "d0g1f267-4e5g-7h8i-2f1d-0g9h8i7d6e5f",
    "event": "kyc_approved",
    "event_details": {
      "verification_level": "basic",
      "approved_at": "2025-10-22 17:00:00",
      "limits_updated": true
    },
    "is_read": false,
    "time": "2025-10-22 17:00:05"
  }
}

Example 5: Account Update Notification

This notification is sent for important account changes.

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "notification",
  "event_data": {
    "message_id": "e1h2g378-5f6h-8i9j-3g2e-1h0i9j8e7f6g",
    "event": "account_update",
    "event_details": {
      "update_type": "email_changed",
      "new_email": "new****@example.com",
      "requires_verification": true
    },
    "is_read": false,
    "time": "2025-10-22 18:00:00"
  }
}

Example 6: Tournament Win Notification

This notification is sent when a player wins a tournament.

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "notification",
  "event_data": {
    "message_id": "f2i3h489-6g7i-9j0k-4h3f-2i1j0k9f8g7h",
    "event": "tournament_win",
    "event_details": {
      "tournament_id": "123456-13456-123456-123456",
      "transaction_id": "123123",
      "tournament_name": "Tournament Name",
      "tournament_points": 1500,
      "tournament_start_date": "2025-08-20 00:00:00",
      "tournament_end_date": "2025-08-27 00:00:00",
      "tournament_position": 1,
      "template_id": "1",
      "prize_type": 1,
      "player_id": 12345,
      "casino_id": 1001,
      "prize_value": "100",
      "prize_name": "test",
      "total_rounds": 10,
      "total_bets": "450",
      "total_wins": "1425",
      "timestamp": "2025-08-27 00:00:00"
    },
    "is_read": false,
    "time": "2025-08-27 00:00:05"
  }
}

Common Event Types

The notification system supports various event types. Here are the most common:

Event Type	Description
bonus_granted	Player received a bonus
promotion_available	New promotion available for player
deposit_success	Successful deposit transaction
withdrawal_approved	Withdrawal request approved
kyc_approved	KYC verification approved
kyc_rejected	KYC verification rejected
account_update	Important account changes
tournament_update	Tournament status or position change
tournament_win	Player won a tournament
limit_reminder	Responsible gaming limit reminder
document_required	Additional documents needed

Event Details Structure

The event_details field is a flexible JSON object that can contain any event-specific data. The structure varies based on the event type. Common patterns include:

Amount-based events: Include amount, currency fields
Time-based events: Include expires_at, valid_until fields
Status updates: Include status, previous_status fields
Reference data: Include transaction_id, bonus_id, promo_id fields

Client Implementation

JavaScript Example

const eventSource = new EventSource('/gateway/sse/1001/stream', {
  headers: {
    'x-auth-token': playerToken
  }
});

eventSource.onmessage = (event) => {
  const data = JSON.parse(event.data);

  // Filter for notification events
  if (data.event_type === 'notification') {
    const notification = data.event_data;

    // Handle based on event type
    switch (notification.event) {
      case 'bonus_granted':
        showBonusNotification(notification);
        break;
      case 'promotion_available':
        showPromotionNotification(notification);
        break;
      case 'deposit_success':
        showDepositConfirmation(notification);
        break;
      default:
        showGenericNotification(notification);
    }

    // Update notification center
    addToNotificationCenter(notification);
  }
};

function showBonusNotification(notification) {
  const { bonus_amount, currency, bonus_type } = notification.event_details;
  showToast(`You received a ${bonus_type} bonus of ${bonus_amount} ${currency}!`);
  playNotificationSound();
  incrementNotificationBadge();
}

Publishing Notification Events

Notification events are automatically published by the go_marketing service when a new notification is created:

// From go_marketing/services/notifications_service.go
func (service *NotificationsService) InsertNewNotifications(
  ctx context.Context,
  notifications []domain.Notification
) error {
  // Insert into database
  err := service.notificationsDao.InsertNotification(ctx, notifications)
  if err != nil {
    return err
  }

  // Publish SSE event for each notification
  for _, notification := range notifications {
    eventData := map[string]interface{}{
      "message_id":    notification.MessageID,
      "event":         notification.Event,
      "event_details": notification.EventDetails,
      "is_read":       notification.IsRead,
      "time":          notification.Time.Format("2006-01-02 15:04:05"),
    }

    service.sseService.Publish(
      ctx,
      notification.BrandId,
      notification.PlayerId,
      sse.SSENotificationEvent,
      eventData,
    )
  }

  return nil
}

Integration with Notification Center

When a notification event is received via SSE:

Display a real-time toast/popup notification to the player
Add the notification to the notification center UI
Increment the unread notification badge count
Optionally play a sound or show a browser notification

To retrieve the full list of notifications (including older ones), use the Get Notifications endpoint.

To mark notifications as read, use the Mark Notifications as Read endpoint.

Performance Considerations

Delivery Latency: Typical delivery time is < 100ms from publication to client
Buffer Size: The SSE system can buffer up to 50 events per connection
No Persistence: SSE events are not persisted; disconnected clients miss events
Database Backup: All notifications are also stored in the database for 90 days

Best Practices

Deduplication: Check message_id to avoid processing duplicate notifications
Graceful Degradation: If SSE is unavailable, poll the GET notifications endpoint
User Control: Allow users to control notification preferences and types
Visual Feedback: Provide clear visual indication of new vs. read notifications
Persistence: Store notifications locally for offline access
Throttling: Avoid overwhelming users with too many simultaneous notifications

Gamification Balance Update Event

Info

Draft Documentation - This section is currently under review and may be subject to changes.

The gamification balance update event is sent via SSE when a player’s gamification coin balance changes. This provides real-time updates for balance changes due to earning, redeeming, or other gamification-related activities.

Event Type

event_type: gamification_balance_update

Event Structure

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "gamification_balance_update",
  "event_data": {
    "balance": 1500,
    "total_received": 5000,
    "total_redeemed": 3500
  }
}

Fields

Base Event Fields

Field	Type	Description
brand_id	int	The casino brand identifier.
player_id	int	The player identifier.
event_type	string	Always “gamification_balance_update” for this event.
event_data	object	Balance update data (see below).

Event Data Fields

Field	Type	Description
balance	decimal	Current gamification coin balance after the update.
total_received	decimal	Total gamification coins received by the player (lifetime).
total_redeemed	decimal	Total gamification coins redeemed by the player (lifetime).

Event Examples

Example 1: Balance Update After Earning Coins

This event is sent when a player earns gamification coins (e.g., from gameplay activity).

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "gamification_balance_update",
  "event_data": {
    "balance": 2500,
    "total_received": 10000,
    "total_redeemed": 7500
  }
}

Example 2: Balance Update After Redemption

This event is sent when a player redeems gamification coins for rewards.

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "gamification_balance_update",
  "event_data": {
    "balance": 500,
    "total_received": 10000,
    "total_redeemed": 9500
  }
}

Example 3: New Player with Zero Redemptions

This event shows a player who has earned coins but not yet redeemed any.

{
  "brand_id": 1001,
  "player_id": 12345,
  "event_type": "gamification_balance_update",
  "event_data": {
    "balance": 750,
    "total_received": 750,
    "total_redeemed": 0
  }
}

Client Implementation

JavaScript Example

const eventSource = new EventSource('/gateway/sse/1001/stream', {
  headers: {
    'x-auth-token': playerToken
  }
});

eventSource.onmessage = (event) => {
  const data = JSON.parse(event.data);

  // Filter for gamification balance update events
  if (data.event_type === 'gamification_balance_update') {
    const balanceData = data.event_data;
    updateGamificationBalanceUI(balanceData);
  }
};

function updateGamificationBalanceUI(balanceData) {
  // Update the displayed balance
  document.getElementById('coin-balance').textContent =
    formatNumber(balanceData.balance);

  // Optionally update lifetime stats
  document.getElementById('total-earned').textContent =
    formatNumber(balanceData.total_received);
  document.getElementById('total-redeemed').textContent =
    formatNumber(balanceData.total_redeemed);

  // Show visual feedback for balance change
  highlightBalanceChange();
}

function formatNumber(value) {
  return new Intl.NumberFormat('en-US').format(value);
}

Use Cases

This event is triggered in the following scenarios:

Scenario	Description
Coin Earning	Player earns coins from gameplay or activities
Coin Redemption	Player redeems coins for rewards or bonuses
Admin Adjustment	Manual balance adjustment by operator
Promotional Credit	Promotional coins added to player’s balance
Expiration	Coins expired due to inactivity or time limits

Best Practices

Real-time UI Updates: Update the gamification balance display immediately upon receiving this event
Animation: Consider adding visual feedback (e.g., animation, color change) when the balance updates
Graceful Degradation: If SSE is unavailable, fall back to polling the balance endpoint
Number Handling: Balance values are returned as rounded numbers but should be treated as decimals for storage and calculations

Financial

Financial Endpoints

This section will display all available endpoints to get financial data.

Currency

Currency Endpoints

This section will display all available endpoints to get currency data.

Currency by IP

This method returns a currency by player’s IP address, generally used before Registration to determine which currency to display to player upon registration.

Request (GET)

`/gateway/currencies/{version}/currencyByIP/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.

Response

Status 200

{
  "status": "success",
  "data": {
    "isoCountryCode": "IL",
    "isoCurrencyCode": "USD",
    "symbol": "$"
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 400

{
  "status": "failed",
  "data": "currency not found, reason: reason"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
status	indication if request was successful or not.
data.isoCountryCode	ISO2 country code, will be fetch from X-Forwarded-For header.
data.isoCurrencyCode	ISO3 currency code for this country.
data.symbol	currency symbol.

Supported Currencies

This method returns a currency of the brand and all supported currencies.

Request (GET)

`/gateway/cashier/supported/currencies/{brand_id}`

Parameters:

Name	In	Type	Required	Description
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.

Response

Status 200

{
  "base_currency": "EUR",
  "supported_currencies": [
    {
      "iso_code": "USD",
      "symbol": "$",
      "unicode": "&#36;",
      "position": "before"
    },
    {
      "iso_code": "EUR",
      "symbol": "€",
      "unicode": "&#128;",
      "position": "before"
    }
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
base_currency	Brand base currency.
supported_currencies.iso_code	ISO2 code of currency.
supported_currencies.symbol	symbol of currency.
supported_currencies.unicode	unicode of currency.
supported_currencies.position	where does the symbol of currency should be displayed, before/after the amount.

Deposit

Deposit Endpoints

This section will display all available endpoints to get Deposit data.

Logic For All provider is as following:

Get Payment Methods for the player.
Begin Deposit process.
Response will contain uri for provider, and all the data needed to send to provider, should transfer to provider page.

However, we have couple of providers which will be explained in the following sections.

Praxis HPF: Praxis supports HPF(hosted payment fields) for some of its payment methods, if mode will be returned as ‘hpf’ we should do the following:
1. Get Payment Methods for the player.
2. Begin Deposit process.
3. Use praxis script to open iframe with the payment fields.
4. Send Direct Deposit
5. Response will contain if request was successful or not.
6. Following fields should be sent in this case: hpf_auth_token, device_data, ref_id.
Praxis HPF Async: Praxis supports HPF(hosted payment fields) for some of its payment methods, if mode will be returned as ‘hpf’ we should do the following:
1. Get Payment Methods for the player.
2. Begin Deposit process.
3. Use praxis script to open iframe with the payment fields.
4. Send Direct Deposit, version should be 3.0 and above.
5. Response will contain if request was successful or not.
6. Following fields should be sent in this case: hpf_auth_token, device_data, ref_id.
7. Every few seconds call should be sent to Deposit State to check if the deposit was successful.
Direct Deposit: We have some providers which expect direct call from us, on this case mode will be ‘direct’ and we should do the following::
1. Get Payment Methods for the player.
2. Begin Deposit process.
3. Send Direct Deposit, Following fields should be sent in this case: request_token, params, payment_data.
4. Response will contain if request was successful or not.
5. Every few seconds call should be sent to Deposit State to check if the deposit was successful.
6. 3Ds cascading happens when Deposit State return status_name = ‘Initialized’ is_completed = true and redirect_url is not empty. Redirect player to redirect_url.
7. Operator should provide platform with path to page where PSP provider will redirect player in case 3Ds deposit declined/canceled.
8. When player arrives this page, Site need to call Has_Cascading to check if cascading exists. On False redirect player to decline deposit page. On True display player friendly message ‘Do you want to make an additional deposit?’.
9. When player agree to make additional deposit, Site need to call Do Cascading and continue to ask for Deposit State

The following scenarios will require additional calls to Status API:

if mode = status_request
if mode = hpf and version > 3.0
if mode = direct
if additional_instructions.status_request = true
if player choose to make additional deposit after 3ds deposit decline

Begin Deposit

This method begins a deposit transaction. use gateway.[msdomain]

Request (POST)

`/gateway/financials/{brand_id}/{version}/player/deposit`

{
  "amount": 10.5,
  "bonusCode": "",
  "country": "IL",
  "paymentProviderId": 1,
  "paymentMethodId": 1,
  "currency": "EUR",
  "lang": "en"
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
amount	body	string	true	Request amount in major currency (i.e 10.50 and not in cents 1050).
bonusCode	body	string	false	Bonus code for the request, if applicable.
country	body	string	true	Player country.
paymentProviderId	body	int	true	Request provider id.
paymentMethodId	body	int	true	Requested method id for chosen provider.
currency	body	string	true	Player requested currency (does not have to match his currency).
Referer	header	string	true	Some payment providers restrict transactions for specific domains, domain should be verified.
X-Forwarded-For	header	string	true	Player IP.

Response

Status 200

{
  "url": "urlparams",
  "params": {
    "amount": 10.5,
    "bonusCode": "",
    "country": "IL",
    "paymentProviderId": 1,
    "paymentMethodId": 1,
    "currency": "EUR",
    "lang": "en"
  },
  "mode": "embedded/window/hpf/status_request/direct",
  "refNum": "",
  "request_token": "aaaaa",
  "safecharge": true,
  "additional_instructions": {
    "status_request": true,
    "add_iframe_code": "allow=\"clipboard-read; clipboard-write\""
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

401 Response, in case of some addition requirement needed before proceeding

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

{
  "result": "INCOMPLETE_REGISTRATION"
}

Status 403

{
  "result": "deposit_limit"
}

Status 412. Redirect player to Personal Details page for updating data missing to perform deposit

{
  "status": "Error",
  "data": [
    "zipPostalCode",
    "birthdate",
    "city",
    "address"
  ],
  "message": "missing fields",
  "userFriendlyMessage": "missing fields"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Type	Description
mode = embedded	string	Indication to open the deposit form in embedded window (iframe).
mode = window	string	Indication to open the deposit form in seperate window.
mode = hpf	string	Mode which is relevant only for Praxis(and specific payment methods), for additional documentation please contact us.
mode = direct	string	Indication that this call won’t work like other, deposit request should be direct call.
mode = status_request	string	Indication that need to do calls for Status API.
refNum	int	If deposit transaction started, it will contain the reference id to proceed with.
url	string	provider url to open window.
request_token	string	Unique identifier for the request, will be used in direct mode.
safecharge	bool	indication if provider is safecharge.
params	object	object which will contain additional details required for deposit.
additional_instructions (Optional)	object	object which will contain additional details required for deposit request.
additional_instructions.status_request	bool	Indication that need to do calls for Status API.
additional_instructions.add_iframe_code	string	Iframe code

Direct Deposit

2nd step uses for Praxis HPF integration.

Call this API from Casino Front-end page that contains direct providers for example: Praxis hosted fields: Card number. Card Exp. Cvv. Amount. Submit button

Request (PUT)

`/gateway/financials/deposit/{brand_id}/{version}/direct`

{
  "hpf_auth_token": "938c2cc0dcc05f2b68c4287040cfcf71",
  "request_token": "938c2cc0dcc05f2b68c4287040cfcf71",
  "ref_id": 100,
  "params": {
    "amount": 1.1,
    "currency": "EUR",
    "paymentProviderId": 1,
    "paymentMethodId": 1,
    "bonusCode": "somecode",
    "country": "IL"
  },
  "device_data": {
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML,like Gecko) Version/13.1.1 Safari/605.1.15",
    "accept_header": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
    "language": "en-us",
    "timezone_offset": -180,
    "color_depth": "24",
    "pixel_depth": "24",
    "pixel_ratio": "2",
    "screen_height": 900,
    "screen_width": 1440,
    "viewport_height": 400,
    "viewport_width": 1440,
    "java_enabled": 0,
    "javascript_enabled": 1
  },
  "payment_data": {
    "cc_number": "1234123412341234",
    "CVV": "111",
    "cc_expiration": "12-12",
    "cc_holder_name": "John Doe"
  }
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use, for any version higher than 3.0, response will be async, and should be fetched from Deposit State.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
hpf_auth_token	body	string	false	Relevant for Praxis HPF only.
request_token	body	string	false	Relevant for Direct call providers.
ref_id	body	string	false	should be sent for praxis, not for other.
params	body	int	true	additional parameters to send, not relevant for praxis, should send the exact content as you get from Deposit Request .
device_data	body	int	true	Relevant only for praxis HPF.
payment_data	body	string	true	additional parameters to send, not relevant for praxis.
payment_data.cc_number	body	string	true	credit card number without ‘-’.
payment_data.CVV	body	string	true	CVV for credit card.
payment_data.cc_expiration	body	string	true	expiration date for card, format: MM-YY.
payment_data.cc_holder_name	body	string	true	forst name + last name of player.
X-Forwarded-For	header	string	true	Player IP.
Referer	header	string	true	Site domain.

Response

Status 200

{
  "redirect_url": "https://merchant.com/payment_result/tx-1560610955",
  "status": "OK",
  "ref_id": 12
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

401 Response, in case of some addition requirement needed before proceeding

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

{
  "result": "INCOMPLETE_REGISTRATION"
}

Status 403

{
  "result": "deposit_limit"
}

Status 412. Redirect player to Personal Details page for updating data missing to perform deposit

{
  "status": "Error",
  "data": [
    "zipPostalCode",
    "birthdate",
    "city",
    "address"
  ],
  "message": "missing fields",
  "userFriendlyMessage": "missing fields"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Type	Description
status	string	status of request.
ref_id	string	reference number to run checks on (Async).

Deposit Status

This API returns deposit status and redirect url (3DS). Use it for Getting current deposit status in case when deposit begin transaction return mode ‘hpf, status_request ,direct’

Request (GET)

`/gateway/financials/{brand_id}/{version}/deposit/state/{ref_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use, for any version higher than 3.0, response will be async, and should be fetched from Status API.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
ref_id	path	int	true	Deposit reference number.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "status_id": 1,
  "status_name": "Approved,Declined,Pending",
  "redirect_url": "https://3dsuri.com/redirect",
  "is_completed": true
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 403

{
  "result": "deposit_limit"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Type	Description
status_name	string	status of request.
redirect_url	string	link for 3ds.
is_completed	string	indication if response is final.

Actions (By response fields):

Is Completed Field	Status Name Field	Description
true	ALL	finite status of request, stop sending request.
false	Initialized and redirect_url is empty	close window and call for status behind the scenes.
false	ALL	continue sending status requests.

Deposit Payment Methods

This method retrieves all the payment methods that are available for making deposits for a specific country. use gateway.[msdomain]

Request (GET)

`/gateway/financials/{version}/{brand_id}/payment/methods/2.0/{country}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use, for any version higher than 3.0, response will be async, and should be fetched from Status API.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
country	path	string	true	Player requested country, each country might contain different list of methods.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "payment_methods": "[{\"id\":1,\"name\":\"Visa\",\"provider_id\":35,\"description\":\"\",\"logo_url\":\"https://promo.testcasino.com/static-resources/payment_methods/my_account/visa-165x50.png\",\"order\":3,\"min_approved_deposits\":0,\"max_approved_deposits\":10000,\"active\":true,\"country\":[\"AD\",\"AE\",\"AF\",\"AG\",\"AI\",\"AL\",\"AM\",\"AN\",\"AO\",\"AQ\",\"AR\",\"AS\",\"AT\",\"AU\",\"AW\",\"AX\",\"AZ\",\"BA\",\"BB\",\"BD\",\"BE\",\"BF\",\"BG\",\"BH\",\"BI\",\"BJ\",\"BL\",\"BM\",\"BN\",\"BO\",\"BQ\",\"BR\",\"BS\",\"BT\",\"BV\",\"BW\",\"BY\",\"BZ\",\"CA\",\"CC\",\"CD\",\"CF\",\"CG\",\"CH\",\"CI\",\"CK\",\"CL\",\"CM\",\"CN\",\"CO\",\"CR\",\"CU\",\"CV\",\"CW\",\"CX\",\"CY\",\"CZ\",\"DE\",\"DJ\",\"DK\",\"DM\",\"DO\",\"DZ\",\"EC\",\"EE\",\"EG\",\"EH\",\"ER\",\"ES\",\"ET\",\"FI\",\"FJ\",\"FK\",\"FM\",\"FO\",\"FR\",\"GA\",\"GB\",\"GD\",\"GE\",\"GF\",\"GG\",\"GH\",\"GI\",\"GL\",\"GM\",\"GN\",\"GP\",\"GQ\",\"GR\",\"GS\",\"GT\",\"GU\",\"GW\",\"GY\",\"HK\",\"HM\",\"HN\",\"HR\",\"HT\",\"HU\",\"ID\",\"IE\",\"IL\",\"IM\",\"IN\",\"IO\",\"IQ\",\"IR\",\"IS\",\"IT\",\"JE\",\"JM\",\"JO\",\"JP\",\"KE\",\"KG\",\"KH\",\"KI\",\"KM\",\"KN\",\"KP\",\"KR\",\"KW\",\"KY\",\"KZ\",\"LA\",\"LB\",\"LC\",\"LI\",\"LK\",\"LR\",\"LS\",\"LT\",\"LU\",\"LV\",\"LY\",\"MA\",\"MC\",\"MD\",\"ME\",\"MF\",\"MG\",\"MH\",\"MK\",\"ML\",\"MM\",\"MN\",\"MO\",\"MP\",\"MQ\",\"MR\",\"MS\",\"MT\",\"MU\",\"MV\",\"MW\",\"MX\",\"MY\",\"MZ\",\"NA\",\"NC\",\"NE\",\"NF\",\"NG\",\"NI\",\"NL\",\"NO\",\"NP\",\"NR\",\"NU\",\"NZ\",\"OM\",\"PA\",\"PE\",\"PF\",\"PG\",\"PH\",\"PK\",\"PL\",\"PM\",\"PN\",\"PR\",\"PS\",\"PT\",\"PW\",\"PY\",\"QA\",\"RE\",\"RO\",\"RS\",\"RU\",\"RW\",\"SA\",\"SB\",\"SC\",\"SD\",\"SE\",\"SG\",\"SH\",\"SI\",\"SJ\",\"SK\",\"SL\",\"SM\",\"SN\",\"SO\",\"SR\",\"ST\",\"SV\",\"SX\",\"SY\",\"SZ\",\"TC\",\"TD\",\"TF\",\"TG\",\"TH\",\"TJ\",\"TK\",\"TL\",\"TM\",\"TN\",\"TO\",\"TR\",\"TT\",\"TV\",\"TW\",\"TZ\",\"UA\",\"UG\",\"UM\",\"US\",\"UY\",\"UZ\",\"VA\",\"VC\",\"VE\",\"VG\",\"VI\",\"VN\",\"VU\",\"WF\",\"WS\",\"YE\",\"YT\",\"ZA\",\"ZM\",\"ZW\"],\"currency\":[{\"name\":\"CAD\",\"min\":20,\"max\":5000,\"rate_to_euro\":0.689829976032,\"fee\":4,\"active\":true},{\"name\":\"EUR\",\"min\":20,\"max\":5000,\"rate_to_euro\":1,\"fee\":0,\"active\":true},{\"name\":\"GBP\",\"min\":20,\"max\":5000,\"rate_to_euro\":1.1667130837039998,\"fee\":2,\"active\":true},{\"name\":\"INR\",\"min\":1,\"max\":10000000,\"rate_to_euro\":0.013474511615999999,\"fee\":4,\"active\":true},{\"name\":\"USD\",\"min\":20,\"max\":5000,\"rate_to_euro\":0.92608904680444,\"fee\":2.22,\"active\":true}]},{\"id\":442,\"name\":\"CryptoDL\",\"provider_id\":36,\"description\":\"\",\"logo_url\":\"https://promo.testcasino.com/static-resources/\",\"order\":2,\"min_approved_deposits\":0,\"max_approved_deposits\":1000000,\"active\":true,\"country\":[\"AD\",\"AE\",\"AF\",\"AG\",\"AI\",\"AL\",\"AM\",\"AN\",\"AO\",\"AQ\",\"AR\",\"AS\",\"AT\",\"AU\",\"AW\",\"AX\",\"AZ\",\"BA\",\"BB\",\"BD\",\"BE\",\"BF\",\"BG\",\"BH\",\"BI\",\"BJ\",\"BL\",\"BM\",\"BN\",\"BO\",\"BQ\",\"BR\",\"BS\",\"BT\",\"BV\",\"BW\",\"BY\",\"BZ\",\"CA\",\"CC\",\"CD\",\"CF\",\"CG\",\"CH\",\"CI\",\"CK\",\"CL\",\"CM\",\"CN\",\"CO\",\"CR\",\"CU\",\"CV\",\"CW\",\"CX\",\"CY\",\"CZ\",\"DE\",\"DJ\",\"DK\",\"DM\",\"DO\",\"DZ\",\"EC\",\"EE\",\"EG\",\"EH\",\"ER\",\"ES\",\"ET\",\"FI\",\"FJ\",\"FK\",\"FM\",\"FO\",\"FR\",\"GA\",\"GB\",\"GD\",\"GE\",\"GF\",\"GG\",\"GH\",\"GI\",\"GL\",\"GM\",\"GN\",\"GP\",\"GQ\",\"GR\",\"GS\",\"GT\",\"GU\",\"GW\",\"GY\",\"HK\",\"HM\",\"HN\",\"HR\",\"HT\",\"HU\",\"ID\",\"IE\",\"IL\",\"IM\",\"IN\",\"IO\",\"IQ\",\"IR\",\"IS\",\"IT\",\"JE\",\"JM\",\"JO\",\"JP\",\"KE\",\"KG\",\"KH\",\"KI\",\"KM\",\"KN\",\"KP\",\"KR\",\"KW\",\"KY\",\"KZ\",\"LA\",\"LB\",\"LC\",\"LI\",\"LK\",\"LR\",\"LS\",\"LT\",\"LU\",\"LV\",\"LY\",\"MA\",\"MC\",\"MD\",\"ME\",\"MF\",\"MG\",\"MH\",\"MK\",\"ML\",\"MM\",\"MN\",\"MO\",\"MP\",\"MQ\",\"MR\",\"MS\",\"MT\",\"MU\",\"MV\",\"MW\",\"MX\",\"MY\",\"MZ\",\"NA\",\"NC\",\"NE\",\"NF\",\"NG\",\"NI\",\"NL\",\"NO\",\"NP\",\"NR\",\"NU\",\"NZ\",\"OM\",\"PA\",\"PE\",\"PF\",\"PG\",\"PH\",\"PK\",\"PL\",\"PM\",\"PN\",\"PR\",\"PS\",\"PT\",\"PW\",\"PY\",\"QA\",\"RE\",\"RO\",\"RS\",\"RU\",\"RW\",\"SA\",\"SB\",\"SC\",\"SD\",\"SE\",\"SG\",\"SH\",\"SI\",\"SJ\",\"SK\",\"SL\",\"SM\",\"SN\",\"SO\",\"SR\",\"ST\",\"SV\",\"SX\",\"SY\",\"SZ\",\"TC\",\"TD\",\"TF\",\"TG\",\"TH\",\"TJ\",\"TK\",\"TL\",\"TM\",\"TN\",\"TO\",\"TR\",\"TT\",\"TV\",\"TW\",\"TZ\",\"UA\",\"UG\",\"UM\",\"US\",\"UY\",\"UZ\",\"VA\",\"VC\",\"VE\",\"VG\",\"VI\",\"VN\",\"VU\",\"WF\",\"WS\",\"YE\",\"YT\",\"ZA\",\"ZM\",\"ZW\"],\"currency\":[{\"name\":\"CAD\",\"min\":20,\"max\":5000,\"rate_to_euro\":0.689829976032,\"fee\":4,\"active\":false},{\"name\":\"EUR\",\"min\":20,\"max\":5000,\"rate_to_euro\":1,\"fee\":0,\"active\":false},{\"name\":\"GBP\",\"min\":20,\"max\":5000,\"rate_to_euro\":1.1667130837039998,\"fee\":2,\"active\":false},{\"name\":\"USD\",\"min\":20,\"max\":5000,\"rate_to_euro\":0.92608904680444,\"fee\":2.22,\"active\":false},{\"name\":\"USDT\",\"min\":0,\"max\":5000,\"rate_to_euro\":0.909230399808,\"fee\":4,\"active\":true}]}]",
  "min_deposit": "-1",
  "deposit_state": false
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

401 Response, in case of some addition requirement needed before proceeding

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

{
  "result": "INCOMPLETE_REGISTRATION"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Type	Description
payment_methods	array	array of object which will contain payment methods data: 1. Method ID. 2. Provider ID. 3. Min/Max values. 4. Logo…

Deposit Cascading Available

Request (GET)

`/gateway/financials/{brand_id}/{version}/deposit/has-cascading/{ref_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use, for any version higher than 3.0, response will be async, and should be fetched from Status API.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
ref_id	path	int	true	Deposit reference number.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  true/false
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Player Last Deposit

This API returns information about the player’s last deposit.

You can use this method to set the default values in the deposit page. For example, if a player deposits money from a country that is different from their registered country, you can set the last used country as the default country for future deposits. use gateway.[msdomain]

Request (GET)

`/gateway/financials/{brand_id}/{version}/player/deposit`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "updateDate": "YYY-MM-DD hh:mm:ss",
  "depositAmount": 0,
  "depositCurrency": "EUR",
  "paymentMethodId": 7,
  "countryCode": "DE"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
updateDate	last approved deposit time.
depositAmount	deposit Amount.
depositCurrency	deposit Currency.
paymentMethodId	deposit payment methiod id.
countryCode	player login country.

Deposit Cascading Continue

Request (POST)

`/gateway/financials/{brand_id}/{version}/deposit/continue-cascading/{ref_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use, for any version higher than 3.0, response will be async, and should be fetched from Status API.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
ref_id	path	int	true	Deposit reference number.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Credit Card Validation

This API validate credit card details.

Request (POST)

`/gateway/financials/:brand_id/:version/deposit/validation/:method_id`

{
  "cc_number": "4111111111111111"
}

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino.
method_id	path	string	true	ID of method to validate the credit card in front of.
cc_number	body	string	true	credit card number to validate, only numbers.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "status": "Success",
  "message": "CC_VALID"
}

400 Response

{
  "status": "Failure",
  "message": "BAD_REQUEST"
}

{
  "status": "Failure",
  "message": "CC_EMPTY"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 422

  {
  "status": "Failure",
  "message": "CC_INVALID"
}

Status 500

  {
  "status": "Error",
  "message": "INTERNAL_SERVER_ERROR"
}

Cashier Events

Request (POST)

`/gateway/financials/{brand_id}/{version}/cashier-events`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
X-Auth-Token	header	string	true	header received from ‘Login’

{
  "ref_id": 1,
  "event": "Close Window"
}

Response

Status 200

{
  "status": "Success",
  "data": {
    "brand_id": 1,
    "player_id": 123456,
    "ref_id": 1,
    "event": "Close Window"
  }
}

Status 400

{
  "status": "Error",
  "data": {
    "brand_id": 1,
    "player_id": 123456,
    "ref_id": 1,
    "event": "Close Window"
  },
  "message": "invalid deposit ref id",
  "userFriendlyMessage": "invalid deposit ref id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "status": "Error",
  "data": {
    "brand_id": 1,
    "player_id": 123456,
    "ref_id": 1,
    "event": "Close Window"
  },
  "message": "error saving cashier event",
  "userFriendlyMessage": "error saving cashier event"
}

Bonuses

Bonuses Endpoints

This section will display all available endpoints to get bonus data.

Most of calls requires an authentication token, which will be different from the player’s authentication token. Call to Get authentication token:

Request (POST)

`/gateway/bonus/:version/login/:brand_id`

Parameters:

{
  "signed_key": "string"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino.
Authorization	header	string	true	subject for validation (i.e Banana).
signed_key	body	string	true	key for validation (i.e Banana).

Example responses

will return string “Success” in the body and the Authentication in the header “x-auth-token” of the response

{
  "msg": "Success"
}

the header from result should be sent in the header of the next request as “x-auth-token”, with ‘Bearer ’ prefix

Bonus Validation

This method validates the parameters of a bonus. use gateway.[msdomain]
This document contains documentation for API version 1 and 2

Request (GET)

`/gateway/bonus/{version}/validate/{brand_id}/{coupon}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
coupon	path	string	true	Bonus code.
btag	query	string	false	Player affiliation reference.
currency	query	string	false	Player currency.

Response

Status 200

{
  "frb_at_registration": [
    {
      "language": "de",
      "text": "7 Freispiele fÃ¼r Groove_PlayNGo",
      "wagering": "null3"
    }
  ],
  "bonus_at_registration": 100,
  "frb_at_verification": [
    {
      "language": "de",
      "text": "7 Freispiele fÃ¼r Groove_PlayNGo",
      "wagering": "null3"
    }
  ],
  "bonus_at_verification": 30
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 400

{
  "status": "error",
  "data": "coupon time exceeded"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
frb_at_registration	Array which will contain all available languages for FRB bonus which will be given upon registration, need to choose the relevant language for player (frb_at_registration.language) and show its text.
frb_at_verification	Array which will contain all available languages for FRB bonus which will be given upon email verification, need to choose the relevant language for player (frb_at_verification.language) and show its text.
bonus_at_registration	Amount which will be awarded to player once he completes the registration, please not that if currency is not sent, amount will be displayed in brand default currency.
bonus_at_verification	Amount which will be awarded to player once he verifies his email, please not that if currency is not sent, amount will be displayed in brand default currency.

API VERSION 2

Request (GET)

`/gateway/bonus/{version - should be >= 2}/validate/{brand_id}/{coupon}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
coupon	path	string	true	Bonus code.
btag	query	string	false	Player affiliation reference.
currency	query	string	false	Player currency.

Response

Status 200

{
  "registration": {
    "bonus_amount": 1000,
    "wagering_multiplier": 10,
    "frb": [
      {
        "round_count": 25,
        "game_provider": "Betsoft",
        "supported_games": [
          "Primal Wilderness"
        ],
        "wagering_multiplier": 1
      }
    ]
  },
  "verification": {
    "bonus_amount": 10000,
    "wagering_multiplier": 50,
    "frb": [
      {
        "round_count": 10,
        "game_provider": "Pragmatic Play",
        "supported_games": [
          "Floating Dragon Megaways",
          "John Hunter and the Book of Tut Respin™"
        ],
        "wagering_multiplier": 1
      },
      {
        "round_count": 3,
        "game_provider": "Evoplay",
        "supported_games": [
          "Fruit Super Nova 100"
        ],
        "wagering_multiplier": 3
      },
      {
        "round_count": 44,
        "game_provider": "Betsoft",
        "supported_games": [
          "7 Fortune Frenzy",
          "At The Movies",
          "Book of Helios",
          "Dragon Kings NJP"
        ],
        "wagering_multiplier": 3
      }
    ]
  }
}

Status 200, No frb

{
  "registration": {
    "bonus_amount": 1000,
    "wagering_multiplier": 10 
  },
  "verification": {
    "bonus_amount": 10000,
    "wagering_multiplier": 50 
  }
}

Status 400

{
  "status": "Error",
  "data": "",
  "message": "coupon not found",
  "userFriendlyMessage": "coupon not found"
}

Status 500

{
  "error": "internal server error",
  "requestID": "91d3236d-82fe-4c4d-b01c-ea07ffe15af7"
}

Grant Bonus

This method validates the parameters of a bonus. use gateway.[msdomain] Request Parametercomment & givenBy parameters are mandatory for all actionsAdditional Request Parameters Required for each bonus ( request must contain all )

Request (POST)

`/gateway/bonus/{version}/grant/{brand_id}/{player_id}/{bonus_action}`

Parameters:

{
  "bonusName": "string",
  "newBonusId": "string",
  "amount": 14.3,
  "wageringMultiplier": 3.3,
  "WageringBase": "string",
  "givenBy": "string",
  "comment": "string",
  "wageringRequirement": 0
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
player_id	path	int	true	none
bonus_action	path	string	true	none
Authentication	header	string	true	header received from ‘Login’

Response

Status 200

{
  "refId": 512
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Bonus Type Metadata

Request (GET)

`/gateway/bonus/{version}/bonusType/{brand_id}/metadata`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
Authentication	header	string	true	header received from ‘Login’

Response

Status 200

{
  "metadata": [
    {
      "id": "123",
      "bonusName": "string",
      "line": 0,
      "amountPercent": 0,
      "wageringMultiple": 0,
      "calculateWagering": "string",
      "maximumBalance": 0,
      "maximumAmount": 0,
      "displayType": "string",
      "type": "string",
      "comment": "string",
      "lastEditedBy": "string",
      "isActive": 0,
      "isUsed": 0,
      "isVisible": 0
    }
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Grant FRB Bonus

Request (POST)

`/gateway/bonus/{version}/grant/frb/{brand_id}/{player_id}`

Parameters:

{
  "player_id": 1234545,
  "template_id": "20c51ae125482b3768653b50c_1639016587471",
  "bonus_id": "manual__20c51ae125482b3768653b50c_1639016587471",
  "comment": "given because of...",
  "operator": "player"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
player_id	path	int	true	none
Authentication	header	string	true	header received from ‘Login’

Response

Status 200

{
  "refId": 512
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Bonus Type Metadata

Request (GET)

`/gateway/bonus/{version}/get/frb/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
Authentication	header	string	true	header received from ‘Login’

Response

Status 200

{
  "frb_templates": [
    {
      "_id": "31eead653fb64ce3b2aa5cef4c384be9",
      "id": "",
      "brand_id": 0,
      "bonusName": "555555plo",
      "bonusDescription": "55555555",
      "active": true,
      "manualBonus": true,
      "providers": [
        {
          "providerId": "Groove_Pragma",
          "number_of_rounds": "1",
          "wagering_multiplier": "1",
          "available_from_date": "",
          "expiration_date": "",
          "message_first_line": "",
          "message_second_line": "",
          "offer_name": "",
          "all_games_used": false,
          "games": [
            {
              "brand_id": 0,
              "provider_id": "",
              "Game_Name": "Hot to Burn",
              "Game_Type": "",
              "CasinoId": 158000070,
              "supported_provider_games": ""
            },
            {
              "brand_id": 0,
              "provider_id": "",
              "Game_Name": "Leprechaun Carol",
              "Game_Type": "",
              "CasinoId": 158000080,
              "supported_provider_games": ""
            }
          ],
          "template_id": "",
          "inner_template_id": ""
        }
      ],
      "changed_by": "",
      "offerValue": "N/A",
      "totalNumberOfRounds": 16,
      "availableFromDate": "",
      "frb_bonus_desc": [
        {
          "language": "en",
          "text": "1 Free spins on Pragmatic Play"
        }
      ],
      "templateInUse": false
    }
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Grant Bonus By Code

Request (POST)

`/gateway/bonus/{version}/grant_bonus_by_code/{brand_id}`

Parameters:

{
  "bonus_code": "string"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
x-auth-token	header	string	true	Player session.

Response

Status 200

{
  "status": "Success",
  "data": {
    "refId": 151884,
    "msg": ""
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Wagering Complete Info

Request (GET)

`/gateway/bonus/{version}/wagering-complete/{brand_id}/{player_id}/{unique_ref_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
player_id	path	int	true	player unique identifier
unique_ref_id	path	int	true	player unique reference for wagering completed event
x-auth-token	header	string	true	Player session token

Response

Status 200

{
  "status": "Success",
  "data": [
    {
      "bonus_id": "776262",
      "bonus_money_before": "100",
      "bonus_money_removed": "100",
      "real_money_added": "100",
      "max_win": "unlimited"
    },
    {
      "bonus_id": "776266",
      "bonus_money_before": "11",
      "bonus_money_removed": "11",
      "real_money_added": "11",
      "max_win": "unlimited"
    },
    {
      "bonus_id": "776257",
      "bonus_money_before": "10",
      "bonus_money_removed": "10",
      "real_money_added": "10",
      "max_win": "unlimited"
    }
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 412 (in case of non-existing details for request details)

{
  "status": "Error",
  "data": "wagering complete in progress",
  "message": "wagering complete in progress",
  "userFriendlyMessage": "wagering complete in progress"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
bonus_id	unique identifier for specific bonus
bonus_money_before	bonus money before event in specific bonus
bonus_money_removed	bonus money removed from bonus
real_money_added	real money added to player balance
max_win	max winning definition for bonus, please note that if real_money_added is less than max_win, it might change

Cashback Eligibility

Request check (GET)

`/gateway/financials/{version}/check/cashback/eligibility/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
X-Auth-Token	header	string	true	header received from ‘Login’

Response

Status 200

{
  "status": "Success",
  "data": {
    "eligible_deposit": 580,
    "base_cashback_amount": 29,
    "cashback_amount": 72.5,
    "vip_level": "Platinum",
    "minimum_cashback_amount": 20,
    "maximum_balance": 1,
    "decline_reasons": [
      "Cashback amount is less than minimum required",
      "Player balance is high"
    ],
    "bonus_template_name": "abc",
    "eligible": false
  }
}

{
  "status": "Success",
  "data": {
    "eligible_deposit": 580,
    "base_cashback_amount": 29,
    "cashback_amount": 72.5,
    "vip_level": "Platinum",
    "minimum_cashback_amount": 20,
    "maximum_balance": 1,
    "decline_reasons": [],
    "bonus_template_name": "abc",
    "eligible": true
  }
}

Decline Reasons

Cashback amount is less than minimum required
Player balance is high
Player has pending withdrawal
Player has open round

Status 400

{
  "status": "Error",
  "data": null,
  "message": "invalid input - invalid brand id",
  "userFriendlyMessage": "invalid input - invalid brand id"
}

Status 500

{
  "status": "Error",
  "data": null,
  "message": "internal server error",
  "userFriendlyMessage": "internal server error"
}

Request Claim (POST)

`/gateway/bonus/{version}/cashback/eligibility/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
X-Auth-Token	header	string	true	header received from ‘Login’

Response

Status 200

{
  "status": "Success",
  "data": {
     "refId": 1825996,
      "msg": ""
  }
}

Status 400

{
  "status": "Error",
  "data": null,
  "message": "player is not eligible for cashback",
  "userFriendlyMessage": "player is not eligible for cashback"
}

Status 500

{
  "status": "Error",
  "data": null,
  "message": "internal server error",
  "userFriendlyMessage": "internal server error"
}

Deposit Bonus Eligibility

Request (GET)

`/gateway/bonus/{version}/{brand_id}/deposit_bonus/eligibility`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
X-Auth-Token	header	string	true	header received from ‘Login’
bonus_code	query	string	true	The bonus code the players want to use
payment_method	query	string	true	the payment method the player wants to use
amount	query	decimal	true	the amount the players wants to deposit

Response

Status 200

{
  "status": "Success",
  "data": {
    "bonus_available": true
  }
}

{
  "status": "Success",
  "data": {
    "bonus_available": false,
    "decline_reasons": [
      [{"reason": "Bonus Inactive", "data": ""}, {"reason": "Limit Period", "data": "5"}],
      [{"reason": "Previous Bonus Required", "data": "Reqbon"}]
    ]
  }
}

Decline Reasons

invalid_bonus_code
bonus_opt_out
pending_withdrawals
bonus_inactive
date_restriction
currency_restriction
deposit_amount
limit_period
approved_withdrawal_amount
btag_restriction
country_restriction
day_restriction
unfinished_rounds
language_restriction
marketing_segment
deposit_count
payment_method
affiliate_id
player_balance
player_real_balance
previous_bonus_required
previous_bonus_restriction
vip_level
vip_segmentation

Status 400

{
  "status": "Error",
  "data": null,
  "message": "invalid input - invalid brand id",
  "userFriendlyMessage": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "status": "Error",
  "data": null,
  "message": "internal server error",
  "userFriendlyMessage": "internal server error"
}

Forfeit Bonuses

Request (POST)

`/gateway/bonus/{version}/manual_bonus/forfeit_bonuses/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
X-Auth-Token	header	string	true	header received from ‘Login’

Response

Status 200

{
  "status": "Success",
  "data": {
    "bonus_amount_deducted": "10.4",
    "wagering_amount_deducted": "100"
  }
}

Status 207

{
  "status": "Failure",
  "data": {
    "bonus_amount_deducted": "10.4",
    "wagering_amount_deducted": "100"
  },
  "message": "Some bonuses were forfeited, but some were not",
  "userFriendlyMessage": "Some bonuses were forfeited, but some were not"
  
}

Status 400

{
  "status": "Error",
  "data": " Player has open rounds.",
  "message": "Player has open rounds.",
  "userFriendlyMessage": "Player has open rounds."
}

{
  "status": "Error",
  "data": " Player doesn't have an active bonus.",
  "message": "Player doesn't have an active bonus.",
  "userFriendlyMessage": "Player doesn't have an active bonus."
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "status": "Error",
  "data": null,
  "message": "internal server error",
  "userFriendlyMessage": "internal server error"
}

Get Recent Active FRB Bonuses Statuses

Request (GET)

`/gateway/bonus/{version}/data/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
X-Auth-Token	header	string	true	Player Login Session

Response

Status 200

{
  "status": "Success",
  "data": [
    {
      "frb_template_name": "3 diff provider 1 g multi games",
      "frb_provider": "Pragmatic Play",
      "total_rounds": "23",
      "frb_game_name": "Sweet Bonanza",
      "frb_game_id": "158000003",
      "frb_bonus_description": "dfbdfbdfb",
      "event_time": "2025-04-10 10:02:06"
    }
  ]
}

Status 400

{
  "status": "Error",
  "data": {
    "errMsg": "invalid input - invalid brandId"
  },
  "message": "invalid brand_id",
  "userFriendlyMessage": "invalid brand id"
}

Status 401

{
  "status": "Error",
  "data": {
    "errMsg": "invalid input - invalid token"
  },
  "message": "authentication failed",
  "userFriendlyMessage": "Authentication failed"
}

Status 500

{
  "result": "internal server error"
}

Good Will Gesture bonus

Request Get GWG Parameters (GET)

`/gateway/financials/{version}/gwg/eligibility/{brand_id}/{player_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
player_id	path	int	true	none
Authorization	header	string	true	form prop AI_CHAT_AUTH_HEADER

Response

Status 200

{
  "status": "Success",
  "data": {
    "total_balance": 10,
    "bonus_opt_out": false,
    "logged_in": true,
    "vip_level": 1,
    "total_withdrawal_amount": 0,
    "total_deposit_amount": 0,
    "total_bonus_received": 10,
    "withdrawal_ratio": 0,
    "bonus_ratio": 0,
    "pending_kyc_verification": false,
    "cash_gift_eligible_deposits": 0,
    "cash_gift_eligible_deposits_eur": 0,
    "country": "NZ",
    "pending_withdrawal": 0
  }
}

Status 400

{
  "status": "Error",
  "data": null,
  "message": "invalid input - invalid brand id",
  "userFriendlyMessage": "invalid input - invalid brand id"
}

Status 500

{
  "status": "Error",
  "data": null,
  "message": "internal server error",
  "userFriendlyMessage": "internal server error"
}

Request Grant Manual Bonus (POST)

`/gateway/bonus/{version}/gwg/{brand_id}/{player_id}`

Parameters:

{
  "bonus_name": "string",
  "bonus_amount": 100
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
player_id	path	int	true	none
Authorization	header	string	true	form prop AI_CHAT_AUTH_HEADER

Response

Status 200

{
  "status": "Success",
  "data": {
     "refId": 1825996,
      "msg": ""
  }
}

Status 400

{
  "status": "Error",
  "data": null,
  "message": "player is not eligible for cashback",
  "userFriendlyMessage": "player is not eligible for cashback"
}

Status 500

{
  "status": "Error",
  "data": null,
  "message": "internal server error",
  "userFriendlyMessage": "internal server error"
}

Comp Points

Comp Points Endpoints

This section will display all available endpoints to get comp points data.

Player Comp Points

This method retrieves a players balance of comp points.

Comp points are awarded to a player with each round. When the player accumulates a minimum number of comp points, they can convert their comp points to money. use gateway.[msdomain]

Request (GET)

`/gateway/financials/compoints/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.

Response

Status 200

{
  "compoints": 10,
  "conversionRate": 100
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 404

{
  "errMsg": "Player getPlayerCompoints Details not found"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
compoints	current comp points balance for player.
conversionRate	conversion rate by player segmentation for comp points.

Request (PUT)

`/gateway/financials/compoints/{version}/{brand_id}`

Parameters:

{
  "conversionAmount": 0
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.
conversionAmount	path	int	true	amount to redeem, will be added to player balance (conversionAmount/ conversionRate), division must return a whole number.

Response

Status 200

{
  "exchangedCompoints": 10,
  "exchangedCash": 1
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 404

{
  "errMsg": "exchangePlayerCompoints Details not found"
}

Status 422

{
  "result": {
    "field": "compoints_conversion",
    "errorCode": "conversion_value_required"
  }
}

Status 500

{
  "errMsg": "update PlayerCompoints not succeeded"
}

Response Parameters:

Name	Description
exchangedCompoints	amount exchanged.
exchangedCash	amount redeemed to player account.

Transaction History

This method retrieves information about transactions and their statuses. use gateway.[msdomain]

Request (GET)

`/gateway/financials/{version}/transactions/{brand_id}/{from}/{to}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino.
from	path	string	true	The start date for the time range.
to	path	string	true	The end date for the time range.
type	query	string	false	Filters transactions by type. (withdraw/deposit)
status	query	string	false	Filters transactions by transaction status.(accepted/rejected/pending)
x-auth-token	header	string	false	player login session

Response

Status 200

{
  "all_transactions": [
    {
      "date": "2015-08-05T08:40:51.620Z",
      "transaction_id": "1",
      "transaction_type": "deposit",
      "method": "visa",
      "amount": "1000",
      "status": "Approved"
    }
  ],
  "total_deposits": "0",
  "total_withdrawals": "0",
  "net_deposits": "0"
}

Status 207 (player has pending withdraw)

{
  "pending_withdrawl": {
    "date": "2015-08-05T08:40:51.620Z",
    "transaction_id": "1",
    "transaction_type": "withdrawl",
    "method": "visa",
    "amount": "1000",
    "status": "pending"
  },
  "all_transactions": [
    {
      "date": "2015-08-05T08:40:51.620Z",
      "transaction_id": "1",
      "transaction_type": "deposit",
      "method": "visa",
      "amount": "1000",
      "status": "Approved"
    }
  ],
  "total_deposits": "0",
  "total_withdrawals": "0",
  "net_deposits": "0"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
all_transactions.date	Date of transaction.
all_transactions.transaction_id	id of transaction.
all_transactions.transaction_type	type of transaction.
all_transactions.method	method of transaction.
all_transactions.amount	amount of transaction.
all_transactions.status	status of transaction.
pending_withdrawl.date	Date of transaction.
pending_withdrawl.transaction_id	id of transaction.
pending_withdrawl.transaction_type	type of transaction.
pending_withdrawl.method	method of transaction.
pending_withdrawl.amount	amount of transaction.
pending_withdrawl.status	status of transaction.
total_deposits	total amount of deposits.
total_withdrawals	total amount of withdrawals.

Withdraw

Withdrawal Endpoints

This section will display all available endpoints to get Withdrawal data.

In order to make a withdrawal, the following steps should be taken:

Get Withdrawal Methods for the player.
Check Withdrawal Requirements for the player.
Begin Withdrawal process.

Withdrawal Methods

This method retrieves all available payment methods that are available for withdrawals (both used and unused).

Note:

You can only withdraw money to a used card or bank.
If the returned value says no_card under cards, then the payment methods doesn’t require a card number.
The logo URL for each payment method appears under key: logo.
If no payment methods have been used, the API returns only the default payment methods under used_methods. In most cases, the only default payment method is a bank transfer. For details, see the second example. use gateway.[msdomain]

Request (GET)

`/gateway/financials/{version}/methods/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use, for any version higher than 3.0, response will be async, and should be fetched from Status API.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.

Response

Status 200

Version < 4

{
  "used_methods": [
    {
      "Visa": [
        {
          "cards": [
            "3123",
            "-XXX"
          ]
        },
        {
          "logo": "[PROMO_URL]/payment_methods/my_account/visa.png"
        }
      ]
    }
  ],
  "unused_methods": [
    {
      "Skrill": "[PROMO_URL]/payment_methods/my_account/skrill.png"
    },
    {
      "Maestro": "[PROMO_URL]/payment_methods/my_account/maestro.png"
    },
    {
      "Neteller": "[PROMO_URL]/payment_methods/my_account/neteller.png"
    },
    {
      "EcoPayz": "[PROMO_URL]/payment_methods/my_account/ecopayz.png"
    },
    {
      "clickandbuy": "[PROMO_URL]/payment_methods/my_account/clickandbuy.png"
    }
  ]
}

Version = 4

[
  {
    "name": "Visa",
    "cards": [
      "1234"
    ],
    "logo": "logo.png",
    "min": "23.11",
    "max": "105.55"
  }
]

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Version < 4

Name	Type	Description
used_methods	object	List which will contain all the available withdrawal methods for this player (depends also on deposit history).
unused_methods	int	additional methods(player cannot withdraw with them).

Version = 4

Name	Type	Description
name	string	The name of the payment method.
cards	array	The last four digits of the card number.
logo	string	The URL of the payment method’s logo.
min	string	The minimum amount that can be withdrawn using this payment method.
max	string	The maximum amount that can be withdrawn using this payment method.

Withdrawal Requirements

Check Withdrawal Requirements

This method checks the requirements for making a withdrawal. use gateway.[msdomain]

Request (GET)

`/gateway/financials/{version}/requirements/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use, for any version higher than 3.0, response will be async, and should be fetched from Status API.
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "minimum_withdrawal": 5,
  "maximum_withdrawal": "100;"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 400

{
  "message_format": "wagering_requirements",
  "wagering": 100
}

401 Response

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Type	Description
minimum_withdrawal	int	minimum amount for withdraw (in major currency).
maximum_withdrawal	int	maximum amount for withdraw.

Withdrawal Request

This method creates a new, pending withdrawal request. It first verifies that all of the following requirements are met:

The payment_method matches one of the payment methods in the response to the Get Payment Methods call
The amount is for at least the minimum amount required
The card_number parameter includes either the player’s card number if withdrawing to a payment card, or the value no_card if the withdraw is via wire transfer

Note: If withdrawing to a payment card, it must be a card that the player has already used to make a payment or deposit. use gateway.[msdomain]

Version Compatibility Note If you use version 4 in the Get Payment Methods API, you must also use version 4 here in the Withdrawal Request API. Mixing versions will result in incompatible formats and may cause request failures.

Request (POST)

`/gateway/financials/{version}/withdrawal/{brand_id}`

Parameters:

{
  "amount": 0,
  "bonus_removal": true,
  "payment_method": "stringst",
  "card_number": "string",
  "accountname": "string",
  "accountnumber": "string",
  "swift": "string",
  "bankname": "string"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
request-id	header	string	true	2fa request id.
amount	body	int	true	request amount in cents.
bonus_removal	body	bool	true	indication if player has approved bonus removal.
payment_method	body	bool	true	requested payment method.
card_number	body	bool	true	Relevant only for Bank Transfer, the card number.
accountname	body	bool	true	Relevant only for Bank Transfer, the account name.
accountnumber	body	bool	true	Relevant only for Bank Transfer, the account number.

Response

Note on redirect_url: Some payment providers may require additional player actions after a withdrawal request (e.g., card tokenization). When the response includes a redirect_url field with a non-empty value:

The client should open this URL to allow the player to complete the required action
The URL can be opened in an iframe or a new browser tab/window
This is currently used for payment providers like Rapyd when handling Visa and Mastercard withdrawals for players who don’t have a saved card token
Future payment providers or additional use cases may utilize this field

Return URL Flow: After the player completes the action on the redirect URL (which may be on a different site), they will be redirected back to the site they came from. The return URL includes a status indicator that must be handled by the client. The status can be one of:

Success - Card token created successfully
Pending - Card token creation is pending
Failed - Card token creation failed

Upon return, the player should be prompted with the appropriate status of their withdrawal request.

Return URL Configuration: The return URL pattern is configurable per operator and set once during operator setup. While the domain is preset (the system knows where the player came from), operators can customize the URL pattern according to their site structure. Examples of possible configurations:

Path-based: https://yoursite.com/card/token/success
Hash-based: https://yoursite.com#cardTokenSuccess
Custom path: https://yoursite.com/withdrawal/card-verification/success

This follows the same pattern as deposit redirections, allowing operators to align with their existing URL structure.

Status 201

{
  "amount": 1000,
  "ref_id": 147852369,
  "message_format": "withdraw_success",
  "redirect_url": "https://example.com/card-tokenization"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 403

{
  "status": "Failure",
  "data": {
    "request-id": "1234567890"
  },
  "message": "2FA required",
  "userFriendlyMessage": "2FA required"
}

If you receive a 422 error code for an Unprocessable Entity error, the client should not use the Message Format method to send a request to the server, but use its internal logic to present the message for one or more fields that didn’t pass the validation.

This will not call the message format.

The following table explains validation code behavior:

Field	Error Code	Description
amount	minimum_withdrawal_requirement	minimum withdrawal amount not met.
balance	bonus_removal_warning	notification for the player that he has bonus balance available and it will be reset.

{
  "message_format": "minimum_withdrawal_requirement",
  "minimum_withdrawal_amount": 5
}

Status 429

{
  "status": "Failure",
  "data": "2fa code rate limit reached",
  "message": "2FA required",
  "userFriendlyMessage": "2FA required"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
amount	request amount.
ref_id	reference ID.
message_format	Message format to be displayed taken from Message Format.
redirect_url	(Optional) URL for additional actions required after withdrawal request. If returned and not empty, client should open this URL (in iframe or new tab). Currently used for payment provider card tokenization (e.g., Rapyd for Visa/Mastercard when player has no saved card token). After completing the action, the player will be redirected back to your site with a status path (`/card/token/{success\|pending\|failed}`). May be extended for additional providers or use cases in the future.

Withdrawal Cancellation

This method cancels a pending withdrawal request, based on the transaction_id in the response to the Transaction History call. Use gateway.[msdomain]

Request (PUT)

`/gateway/financials/{version}/withdrawal/{brand_id}`

Parameters:

{
  "transaction_id": 0
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.
transaction_id	body	int	true	reference to cancel.

Response

Status 200

{
  "message_format": "cancellation_success"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 400

{
  "message_format": "cancellation_failed"
}

Status 401

{
  "errMsg": "invalid input - invalid אםלקמ"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
message_format	Message format to be displayed taken from Message Format.

Gamification Coins

Gamification Coins Endpoints

Warning

Testing Phase: These endpoints are currently in testing and not ready for production. API structure and responses may change.

This section provides all available endpoints for the gamification coins system - a virtual currency that players can earn and redeem for various rewards including cash bonuses, free rounds bonuses, and physical items.

Overview

The gamification coins system allows:

Balance Management: Track player coins balances with full transaction history
Redemption: Players can redeem coins for shop items (cash bonuses, free rounds, physical items)
Smart Filtering: Shop items are filtered based on player context (VIP level, country, balance, game availability)
Transaction Tracking: Complete audit trail of all coin movements

Authentication

All endpoints require player authentication via the x-auth-token header (except Get Available Shop Items which supports both authenticated and anonymous access).

Available Endpoints

Get Balance - Retrieve player’s current coins balance and totals
Redeem Points - Redeem coins for shop items
Get Transaction History - View paginated transaction history with filters
Get Available Shop Items - Browse shop items filtered by player eligibility

Get Balance

Warning

Testing Phase: This endpoint is currently in testing and not ready for production. API structure and responses may change.

This method retrieves the current gamification coins balance for a player. Use gateway.[msdomain]

Request (GET)

`/gateway/coins/balance/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	Brand identifier
x-auth-token	header	string	true	Player authentication token (extracted from request header)

Note: The player_id is automatically extracted from the x-auth-token header by the gateway and appended to the path when forwarding to the marketing service.

Response

Status 200

{
  "status": "success",
  "data": {
    "brand_id": 1001,
    "player_id": 12345,
    "current_balance": "250.50",
    "total_received": "500.00",
    "total_redeemed": "249.50",
    "updated_at": "2025-01-09T14:30:00Z"
  },
  "message": "Successfully retrieved player balance"
}

Response Fields:

Field	Type	Description
brand_id	int	Brand identifier
player_id	int	Player identifier
current_balance	string	Current available coins balance (decimal)
total_received	string	Total coins received since account creation (decimal)
total_redeemed	string	Total coins redeemed since account creation (decimal)
updated_at	string	Last balance update timestamp (ISO 8601)

Status 500

{
  "status": "error",
  "data": null,
  "message": "Failed to get player balance"
}

Redeem Points

Warning

Testing Phase: This endpoint is currently in testing and not ready for production. API structure and responses may change.

This method processes a coin redemption/claim for a shop item. Use gateway.[msdomain]

The endpoint validates player eligibility, deducts coins from the player’s balance, and processes the shop item (e.g., grants a bonus, creates a free rounds bonus, or registers a physical item claim).

Request (POST)

`/gateway/coins/redeem/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	Brand identifier
x-auth-token	header	string	true	Player authentication token (extracted from request header)

Note: The player_id is automatically extracted from the x-auth-token header by the gateway and appended to the path when forwarding to the marketing service.

Request Body:

{
  "shop_item_id": "507f1f77bcf86cd799439011",
  "rounds": 20,
  "trigger_source": "PLAYER_SHOP",
  "trigger_details": {
    "source_page": "shop_ui",
    "campaign": "weekend_promo"
  },
  "comment": "Weekend promotion claim",
  "uuid": "unique-idempotency-key-123"
}

Field	Type	Required	Description
shop_item_id	string	true	MongoDB ObjectID of the shop item to redeem
rounds	int	false	Number of rounds for FRB selection (only required for FRB items with multiple tiers)
trigger_source	string	false	Source of the redeem (default: “MANUAL”)
trigger_details	object	false	Additional metadata about the redemption
comment	string	false	Optional comment for the transaction
uuid	string	false	Optional idempotency key to prevent duplicate redemptions

Response

Status 200 - Success

{
  "status": "success",
  "data": {
    "success": true,
    "transaction_id": 123456,
    "financial_ref_id": 78910,
    "new_balance": "150.50",
    "amount": "100.00",
    "already_processed": false
  },
  "message": "Successfully claimed coins"
}

Response Fields:

Field	Type	Description
success	boolean	Whether the redemption was successful
transaction_id	int64	ID of the gamification coins transaction
financial_ref_id	int64	Optional - Financial reference ID (e.g., bonus ID) if shop item created one
new_balance	string	Player’s new coins balance after redemption (decimal)
amount	string	Amount of coins deducted (decimal)
already_processed	boolean	True if the UUID was already used (idempotent response)

Status 422 - Validation Error

{
  "status": "fail",
  "data": {
    "result": {
      "code": "INSUFFICIENT_BALANCE",
      "message": "Insufficient balance to redeem this item"
    }
  },
  "message": "Validation error while claiming coins"
}

Common Error Codes:

INSUFFICIENT_BALANCE - Player doesn’t have enough coins
ITEM_NOT_FOUND - Shop item ID doesn’t exist
ITEM_NOT_ELIGIBLE - Player is not eligible for this item (segmentation/eligibility filters)
INVALID_ROUNDS_SELECTION - Invalid rounds parameter for FRB item
GAME_NOT_AVAILABLE - FRB game is not available for the player

Status 500 - Server Error

{
  "status": "error",
  "data": null,
  "message": "Failed to claim coins"
}

Example Use Cases

Redeem Cash Bonus Item

{
  "shop_item_id": "507f1f77bcf86cd799439011",
  "uuid": "unique-transaction-uuid"
}

Redeem FRB Item with Specific Rounds

{
  "shop_item_id": "507f1f77bcf86cd799439012",
  "rounds": 50,
  "uuid": "unique-transaction-uuid"
}

Redeem Physical Item

{
  "shop_item_id": "507f1f77bcf86cd799439013",
  "comment": "T-shirt size L",
  "uuid": "unique-transaction-uuid"
}

Notes

The endpoint automatically extracts the player’s IP address for player context validation
Player token from x-auth-token header is used for game availability checks (FRB filtering)
Idempotency: If the same uuid is provided multiple times, the first successful redemption is processed, and subsequent requests return the same response with already_processed: true
For FRB items with multiple rounds configurations, the rounds parameter must match one of the available tiers

Get Transaction History

Warning

Testing Phase: This endpoint is currently in testing and not ready for production. API structure and responses may change.

This method retrieves the paginated transaction history for a player’s gamification coins. Use gateway.[msdomain]

Request (GET)

`/gateway/coins/transactions/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	Brand identifier
x-auth-token	header	string	true	Player authentication token (extracted from request header)
page	query	int	false	Page number (default: 1, min: 1, max: 1000)
page_size	query	int	false	Number of items per page (default: 20, min: 1, max: 100)
transaction_type	query	string	false	Filter by transaction type (RECEIVED or REDEEMED)
start_date	query	string	false	Filter transactions from this date (ISO 8601 format)
end_date	query	string	false	Filter transactions until this date (ISO 8601 format)

Note: The player_id is automatically extracted from the x-auth-token header by the gateway and appended to the path when forwarding to the marketing service.

Query Parameter Examples:

?page=1&page_size=20
?transaction_type=REDEEMED
?start_date=2025-01-01T00:00:00Z&end_date=2025-01-31T23:59:59Z
?page=2&page_size=50&transaction_type=RECEIVED

Response

Status 200

{
  "status": "success",
  "data": {
    "transactions": [
      {
        "id": 123456,
        "transaction_type": "REDEEMED",
        "transaction_sub_type": "CASH_BONUS",
        "amount": "-100.00",
        "balance_before": "250.50",
        "balance_after": "150.50",
        "created_at": "2025-01-09T14:30:00Z",
        "source": "PLAYER_SHOP",
        "reference_id": 78910,
        "trigger_details": {
          "shop_item_id": "507f1f77bcf86cd799439011",
          "shop_item_name": "10 USD Cash Bonus"
        }
      },
      {
        "id": 123455,
        "transaction_type": "RECEIVED",
        "transaction_sub_type": "MANUAL",
        "amount": "50.00",
        "balance_before": "200.50",
        "balance_after": "250.50",
        "created_at": "2025-01-08T10:15:00Z",
        "source": "ADMIN_GRANT",
        "reference_id": null,
        "trigger_details": {
          "comment": "Customer satisfaction compensation"
        }
      },
      {
        "id": 123454,
        "transaction_type": "REDEEMED",
        "transaction_sub_type": "FRB",
        "amount": "-75.00",
        "balance_before": "275.50",
        "balance_after": "200.50",
        "created_at": "2025-01-07T18:45:00Z",
        "source": "PLAYER_SHOP",
        "reference_id": 54321,
        "trigger_details": {
          "shop_item_id": "507f1f77bcf86cd799439012",
          "shop_item_name": "50 Free Rounds on Starburst",
          "game_id": "starburst",
          "provider_id": "netent",
          "rounds": 50
        }
      }
    ],
    "pagination": {
      "page": 1,
      "page_size": 20,
      "total_pages": 5,
      "total_items": 87
    }
  },
  "message": "Successfully retrieved transaction history"
}

Response Fields:

Transaction Object:

Field	Type	Description
id	int64	Transaction identifier
transaction_type	string	Type of transaction: “RECEIVED” or “REDEEMED”
transaction_sub_type	string	Sub-type: “MANUAL”, “CASH_BONUS”, “FRB”, “PHYSICAL”, etc.
amount	string	Transaction amount (decimal, negative for REDEEMED)
balance_before	string	Balance before the transaction (decimal)
balance_after	string	Balance after the transaction (decimal)
created_at	string	Transaction timestamp (ISO 8601)
source	string	Trigger source (e.g., “PLAYER_SHOP”, “ADMIN_GRANT”, “SYSTEM”)
reference_id	int64	Optional - Financial reference ID (e.g., bonus ID)
trigger_details	object	Optional - Additional transaction metadata

Pagination Object:

Field	Type	Description
page	int	Current page number
page_size	int	Number of items per page
total_pages	int	Total number of pages
total_items	int	Total number of transactions

Transaction Sub-Types:

RECEIVED Transactions:
- MANUAL - Manually granted coins (admin/system)
REDEEMED Transactions:
- CASH_BONUS - Redeemed cash bonus item
- FRB - Redeemed free rounds bonus item
- PHYSICAL - Redeemed physical item

Status 500

{
  "status": "error",
  "data": null,
  "message": "Failed to get transaction history"
}

Notes

Transactions are returned in reverse chronological order (newest first)
Invalid query parameters (page, page_size) will be ignored and defaults will be used
Date filters use inclusive ranges (start_date ≤ transaction.created_at ≤ end_date)
The trigger_details field contains context-specific information based on the transaction type
For REDEEMED transactions, reference_id typically contains the financial system reference (e.g., bonus ID for CASH_BONUS)

Get Available Shop Items

Warning

Testing Phase: This endpoint is currently in testing and not ready for production. API structure and responses may change.

This method retrieves shop items available for a specific player, filtered by player context (VIP level, country, balance, date/time) and game availability. Use gateway.[msdomain]

This endpoint is used to display the shop UI to players, showing only items they are eligible to redeem.

Request (GET)

`/gateway/coins/shop/available/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	Brand identifier
x-auth-token	header	string	false	Player authentication token (optional - if not provided, returns all active items)

Note:

If x-auth-token is provided, the player_id is extracted and added as a query parameter (?player_id=123) when forwarding to the marketing service
If no token is provided, the endpoint returns all active shop items without eligibility filtering (useful for anonymous/preview mode)
Player IP address is automatically extracted from the request for geo-location filtering

Response

Status 200 - With Authentication

{
  "status": "success",
  "data": {
    "items": [
      {
        "item": {
          "id": "507f1f77bcf86cd799439011",
          "brand_id": 1001,
          "name": "cash_bonus_10_usd",
          "display_name": "10 USD Cash Bonus",
          "description": "Get $10 cash bonus added to your account",
          "status": "active",
          "segmentation_filters": [
            {
              "field": "vip_level",
              "filter_type": "enum",
              "operator": "in",
              "comparison_val": [3, 4, 5]
            }
          ],
          "eligibility_filters": [
            {
              "field": "balance",
              "filter_type": "numeric",
              "operator": "greater_than_or_equals",
              "comparison_val": 50.0
            }
          ],
          "type": "CASH_BONUS",
          "data": [
            {
              "currency": "USD",
              "amount": "10.00",
              "coins_cost": "100.00"
            },
            {
              "currency": "EUR",
              "amount": "8.50",
              "coins_cost": "100.00"
            }
          ],
          "purchase_stats": {
            "past_week_count": 5,
            "lifetime_count": 127
          },
          "created_at": "2024-12-01T10:00:00Z",
          "created_by": "admin@casino.com",
          "updated_at": "2025-01-05T14:30:00Z",
          "updated_by": "admin@casino.com"
        },
        "is_eligible": true,
        "ineligible_reasons": []
      },
      {
        "item": {
          "id": "507f1f77bcf86cd799439012",
          "brand_id": 1001,
          "name": "frb_starburst_50",
          "display_name": "50 Free Rounds on Starburst",
          "description": "Get 50 free spins on Starburst slot",
          "status": "active",
          "segmentation_filters": [
            {
              "field": "country",
              "filter_type": "string",
              "operator": "in",
              "comparison_val": ["US", "CA", "GB"]
            },
            {
              "field": "day_of_week",
              "filter_type": "enum",
              "operator": "in",
              "comparison_val": [6, 7]
            }
          ],
          "eligibility_filters": [
            {
              "field": "balance",
              "filter_type": "numeric",
              "operator": "greater_than_or_equals",
              "comparison_val": 75.0
            }
          ],
          "type": "FRB",
          "data": {
            "game_id": "starburst",
            "provider_id": "netent",
            "rounds_conf": [
              {
                "rounds": 20,
                "coins_cost": "50.00",
                "duration": 30,
                "conf": [
                  {
                    "currency": "USD",
                    "wagering_multiplier": "10.00",
                    "max_winning": "100.00"
                  },
                  {
                    "currency": "EUR",
                    "wagering_multiplier": "10.00",
                    "max_winning": "85.00"
                  }
                ]
              },
              {
                "rounds": 50,
                "coins_cost": "100.00",
                "duration": 60,
                "conf": [
                  {
                    "currency": "USD",
                    "wagering_multiplier": "15.00",
                    "max_winning": "250.00"
                  }
                ]
              }
            ]
          },
          "purchase_stats": {
            "past_week_count": 12,
            "lifetime_count": 342
          },
          "created_at": "2024-11-15T10:00:00Z",
          "created_by": "admin@casino.com",
          "updated_at": "2025-01-01T12:00:00Z",
          "updated_by": "admin@casino.com"
        },
        "is_eligible": false,
        "ineligible_reasons": [
          "balance: requires 75.00, player has 50.00",
          "day_of_week: requires [6,7], today is 3"
        ]
      },
      {
        "item": {
          "id": "507f1f77bcf86cd799439013",
          "brand_id": 1001,
          "name": "tshirt_limited_edition",
          "display_name": "Limited Edition T-Shirt",
          "description": "Get an exclusive casino branded t-shirt",
          "status": "active",
          "segmentation_filters": [
            {
              "field": "vip_level",
              "filter_type": "enum",
              "operator": "in",
              "comparison_val": [5]
            }
          ],
          "eligibility_filters": [],
          "type": "PHYSICAL",
          "data": {
            "name": "Limited Edition T-Shirt",
            "description": "Casino branded t-shirt, size L",
            "coins_cost": "500.00"
          },
          "purchase_stats": {
            "past_week_count": 2,
            "lifetime_count": 45
          },
          "created_at": "2024-10-01T10:00:00Z",
          "created_by": "admin@casino.com",
          "updated_at": "2024-12-20T16:00:00Z",
          "updated_by": "admin@casino.com"
        },
        "is_eligible": true,
        "ineligible_reasons": []
      }
    ]
  },
  "message": "Successfully retrieved available shop items"
}

Status 200 - Without Authentication (Anonymous/Preview Mode)

{
  "status": "success",
  "data": {
    "items": [
      {
        "item": {
          "id": "507f1f77bcf86cd799439011",
          "brand_id": 1001,
          "name": "cash_bonus_10_usd",
          "display_name": "10 USD Cash Bonus",
          "description": "Get $10 cash bonus added to your account",
          "status": "active",
          "type": "CASH_BONUS",
          "data": [...],
          "purchase_stats": {
            "past_week_count": 5,
            "lifetime_count": 127
          }
        },
        "is_eligible": false,
        "ineligible_reasons": []
      }
    ]
  },
  "message": "Successfully retrieved available shop items"
}

Response Fields:

ShopItemAvailability Object:

Field	Type	Description
item	object	Shop item details (see ShopItem below)
is_eligible	boolean	Whether the player is eligible to redeem this item
ineligible_reasons	string[]	List of reasons why the player is not eligible (empty if eligible)

ShopItem Object:

Field	Type	Description
id	string	Shop item MongoDB ObjectID
brand_id	int	Brand identifier
name	string	Internal item name
display_name	string	User-facing display name
description	string	Item description
status	string	Item status: “active” or “inactive”
segmentation_filters	Filter[]	Player segmentation filters (VIP level, country, day of week, date)
eligibility_filters	Filter[]	Player eligibility filters (balance, etc.)
type	string	Item type: “CASH_BONUS”, “FRB”, or “PHYSICAL”
data	object	Type-specific data (see examples below)
purchase_stats	object	Purchase statistics (past_week_count, lifetime_count)
created_at	string	Creation timestamp (ISO 8601)
created_by	string	Creator email
updated_at	string	Last update timestamp (ISO 8601)
updated_by	string	Last updater email

Filter Object:

Field	Type	Description
field	string	Filter field: “vip_level”, “country”, “day_of_week”, “date”, “balance”
filter_type	string	Filter type: “numeric”, “string”, “enum”, “regex”, “date”
operator	string	Comparison operator: “in”, “equals”, “greater_than”, “less_than”, etc.
comparison_val	any	Value(s) to compare against (type depends on filter_type)

Data Types by Item Type:

CASH_BONUS:

[
  {
    "currency": "USD",
    "amount": "10.00",
    "coins_cost": "100.00"
  }
]

FRB (Free Rounds Bonus):

{
  "game_id": "starburst",
  "provider_id": "netent",
  "rounds_conf": [
    {
      "rounds": 50,
      "coins_cost": "100.00",
      "duration": 30,
      "conf": [
        {
          "currency": "USD",
          "wagering_multiplier": "15.00",
          "max_winning": "250.00"
        }
      ]
    }
  ]
}

PHYSICAL:

{
  "name": "Limited Edition T-Shirt",
  "description": "Casino branded t-shirt, size L",
  "coins_cost": "500.00"
}

Status 500

{
  "status": "error",
  "data": null,
  "message": "Failed to get available shop items"
}

Filtering Logic

The endpoint applies multiple layers of filtering:

Status Filter: Only “active” shop items are returned
Segmentation Filters (if player is authenticated):
- VIP Level: Player’s VIP level must match filter criteria
- Country: Player’s country (from IP) must match filter criteria
- Day of Week: Current day must match filter criteria (1=Monday, 7=Sunday)
- Date: Current date/time must match filter criteria
Eligibility Filters (if player is authenticated):
- Balance: Player’s coins balance must meet threshold
Game Availability (for FRB items, if player is authenticated):
- Game must be available for the player based on their token
- Filtered rounds configurations based on player’s currency

Notes

Anonymous Access: If no x-auth-token is provided, all active items are returned with is_eligible: false and empty ineligible_reasons
Player Context: Player IP, token, VIP level, balance, and country are automatically extracted for filtering
FRB Filtering: For FRB items, the data.rounds_conf array is filtered to include only configurations matching the player’s currency
Purchase Stats: Statistics show popularity (past 7 days and lifetime)
Ineligible Reasons: Clear human-readable explanations for why a player cannot redeem an item
Multi-Currency: CASH_BONUS and FRB items can have configurations for multiple currencies

Player Wagering Details

Request (GET)

This method retrieves player wagering details

`/gateway/financials/{version}/wagering/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	none
x-auth-token	header	string	true	Player session token

Response

Status 200

{
  "status": "Success",
  "data":{
    "total_player_wagering_requirement": 1000,
    "remaining_wagering_balance": 400,
    "fulfilled_wagering": 600,
    "wagering_progress": 60
  }
}

Status 400

{
  "status": "Error",
  "data":{
    "errMsg": "invalid input - invalid token"
  },
  "message": "authentication failed",
  "userFriendlyMessage": "Authentication failed"
}

{
"status": "Error",
"data": {
  "errMsg": "invalid input - invalid brandId"
},
"message": "invalid brand_id",
"userFriendlyMessage": "invalid brand id"
}

Status 401

{
  "status": "Error",
  "data": {
    "errMsg": "invalid input - invalid token"
  },
  "message": "authentication failed",
  "userFriendlyMessage": "Authentication failed"
}

Status 500

{
  "status": "Error",
  "data":"",
  "message": "unable to get player wagering details",
  "userFriendlyMessage": "unable to get player wagering details"
}

Response Parameters:

Name	Description
total_player_wagering_requirement	total (original/initial) wagering rerquirement as sum of all bonus wagerings
remaining_wagering_balance	how much wagering is left until we complete the wagering requirements
fullfiled_wagering	how much of the total player wagering reqruirement was fullfiled
wagering_progress	ratio of fullfiled / total player wagering requirement, multiplied by 100 to show as precent of total

Games

Games Endpoints

This section will display all available endpoints to get games data.

Games Categories

This method returns all of the game IDs for the games that a player played. use gateway.[msdomain] mode: You can retrieve the data in two formats:

By default, the data is formatted by categories only.
mode=category: When you add this parameter, the data is formatted as two JSON objects: one for the game IDs and names, and one for the categories to which the games belong.

Request (GET)

`/gateway/history/{version}/games/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino.
mode	query	string	false	You can retrieve the data in two formats:
x-auth-token	header	string	false	The player’s authentication token, in UUID format.

Response

Status 200

[
  {
    "Table": [
      {
        "name": "European Blackjack",
        "id": "1191"
      }
    ]
  },
  {
    "Classic Slots": [
      {
        "name": "Angel Slot",
        "id": "134"
      },
      {
        "name": "Fashion Slot",
        "id": "152"
      }
    ]
  }
]

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
html	Game launch url, if platform is desktop, will be wrapped in iframe.
htmlIndicator	indication if platform is desktop.
provideRC	indication if RC check should be performed on our side, if yes, need to continue to call player status.
isIframe	indication if game can be opened in iframe(in mobile).
game_url	uri for game launch without iframe.
game_html	Game launch url, if platform is desktop, will be wrapped in iframe.

Start Game

This method sends a request to start a new game. use gateway.[msdomain]

Request (POST)

`/gateway/games/{version}/start-game/{brand_id}/{game_id}/{lang}`

Parameters:

{
  "auth_token": "string",
  "return_url": "string"
}

Name	In	Type	Required	Description
brand_id	path	string	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
version	path	string	true	API version.
auth_token	body	string	true	Player login session.
return_url	body	string	true	Indication to where need to return when players closes the game.

Response

Status 200

{
  "html": "",
  "htmlIndicator": false,
  "provideRC": false,
  "isIframe": false,
  "game_url": "",
  "game_html": ""
}

Status 303

{
  "html": "",
  "htmlIndicator": false,
  "provideRC": false,
  "isIframe": false,
  "game_url": "",
  "game_html": "",
  "game_provider": "Groove_Nolimit",
  "result": "ggr_game",
  "real_balance": 22.22
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

401 Response, in case of some addition requirement needed before proceeding

Error Code	Description
INCOMPLETE_REGISTRATION	The player did not complete his registration process, need to complete Registration Step Two.
TNC_APPROVAL_REQUIRED	Player need to approve TnC.
PRIVACY_APPROVAL_REQUIRED	Player need to approve Privacy Policy.
PASSWORD_CHANGE_REQUIRED	Player has temp password and need to Change Password.
EMAIL_NOT_VERIFIED	Player email is not verified and cannot continue any process till he verifies his mail.

{
  "result": "INCOMPLETE_REGISTRATION"
}

Status 403

{
  "game_id": "",
  "html": "sdf",
  "htmlIndicator": false,
  "open_game_id": 123123,
  "result": "open_round_message",
  "game_url": "sdfsdf"
}

Status 403

{
  "result": "restricted_country"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
html	Game launch url, if platform is desktop, will be wrapped in iframe.
htmlIndicator	indication if platform is desktop.
provideRC	indication if RC check should be performed on our side, if yes, need to continue to call player status.
isIframe	indication if game can be opened in iframe(in mobile).
game_url	uri for game launch without iframe.
game_html	Game launch url, if platform is desktop, will be wrapped in iframe.
real_balance	For GGR games, indication on how much money he can actually play in game, please not that NOT ALL that on some cases, not all real money is available in game.

Games History

Retrieve all game history. use gateway.[msdomain]

Request (GET)

`/gateway/history/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use (pagination supported in version 3.0 and above).
brand_id	path	string	true	The ID of the casino.
x-auth-token	header	string	false	The player’s authentication token, in UUID format.
from	query	string	false	Date filter, from time, format YYYY-MM-DD.
to	query	string	false	Date filter, to time, format YYYY-MM-DD.
round_id	query	string	false	Round id to get data for.
unique_game_ids	query	string	false	Unique game ids to get data for, split by comma.
page	query	string	false	Page num to retrieve, default to 1.
games_per_page	query	string	false	records per page num to retrieve, default to 100.

Response

Status 200

{
  "response": [
    {
      "balance_after": "237.75",
      "round_balance": "-0.87",
      "balance_before": "236.88",
      "bet": "0.75",
      "game_name": "King Kong",
      "round_id": "3593543",
      "platform_name": "Desktop",
      "provider_id": "NYX_Next-gen",
      "details": false,
      "time": "2017/04/12 09:23:44",
      "category": "Video Slots",
      "win": "1.62",
      "game_id": 70160
    }
  ],
  "total_bets": 1,
  "total_wins": 1,
  "currency": "USD",
  "currency_symbol": "$",
  "page_num": 1,
  "games_per_page": 100,
  "games_count": 120
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Type	Required	Restrictions	Description
» balance_after	string	false	none	The player’s balance after playing the round.
» round_balance	string	false	none	The calculated round balance (balance_before - balance_after).
» balance_before	string	false	none	The player’s balance before playing the round.
» bet	string	false	none	The amount of the bet.
» game_name	string	false	none	The name of the game.
» round_id	string	false	none	The ID of the round.
» platform_name	string	false	none	The name of the platform that player is using.
» provider_id	string	false	none	The ID of the game provider.
» details	boolean	false	none	Indicates if the casino has more details regarding the specific round. This parameter only applies to GS1 games.
» time	string	false	none	The time that the transaction occurred.
» category	string	false	none	The category of the game (such as slots or live casino).
» win	string	false	none	The amount of the win.
» game_id	string	false	none	The ID of the game.

Games Details

This method returns details about a round, should be sent only if indication for details is true in game history. use gateway.[msdomain]

Request (GET)

`/gateway/history/{version}/games/details/{brand_id}/{provider_id}/{round_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino.
provider_id	path	string	true	The ID of the game provider.
round_id	path	string	true	The ID of the round.
x-auth-token	header	string	true	The player’s authentication token, in UUID format.

Response

Status 200

{
  "html": ""
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Games List

This method returns a list of all available games for a casino. Use this method if you want to manage your lobby directly rather than using the Get Current Lobby Version method. use gateway.[msdomain]

Request (GET)

`/gateway/games/{version}/games/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use (pagination supported in version 3.0 and above).
brand_id	path	string	true	The ID of the casino.

Response

Status 200

[
  {
    "Game Name": "1 Can 2 Can",
    "Game Id": "70071",
    "Game Type": "bo.gamesGroup.videoSlots",
    "Provider name": "NYX",
    "Sub provider name": "NYX_Next-gen",
    "Image": "[PROMO_URL]/lobby_images/NYX/NextGen/1Can_2Can.jpg",
    "Support FRB": 0,
    "Support Fun": 1,
    "Revenue plan": "ngr",
    "Micro games variant": null,
    "External Game ID": 70071,
    "External Game container": "1_can_2_can",
    "Rander": "Flash",
    "Exclusion": [
      "AU",
      "CA",
      "ES",
      "GB"
    ],
    "Supported platform": "Desktop, Mobile"
  },
  {
    "Game Name": "1429 Uncharted Seas",
    "Game Id": "240005",
    "Game Type": "bo.gamesGroup.videoSlots",
    "Provider name": "NYX",
    "Sub provider name": "NYX_Thunderkick",
    "Image": "[PROMO_URL]/lobby_images/NYX/Thunderkick/1429_Uncharted_Seas.jpg",
    "Support FRB": 0,
    "Support Fun": 1,
    "Revenue plan": "ngr",
    "Micro games variant": null,
    "External Game ID": 240005,
    "External Game container": "1429_uncharted_seas",
    "Rander": "Flash",
    "Exclusion": [
      "AU",
      "CA",
      "ES",
      "GB"
    ],
    "Supported platform": "Desktop, Mobile"
  },
  {
    "Game Name": "2 Million B.C.",
    "Game Id": "1224",
    "Game Type": "bsg.gamesGroup.Slots",
    "Provider name": "General",
    "Sub provider name": "BSG",
    "Image": "[PROMO_URL]/lobby_images/2MillionBC.jpg",
    "Support FRB": 1,
    "Support Fun": 1,
    "Revenue plan": "ngr",
    "Micro games variant": null,
    "External Game ID": 224,
    "External Game container": "2 Million B.C.",
    "Rander": "Flash",
    "Exclusion": [],
    "Supported platform": "Desktop, Mobile"
  }
]

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Games Allowed For Player

This method retrieves a list of game IDs for all of the games that are available to a player. It excludes any games that aren’t available for the country in which the player is registered or logged in. use gateway.[msdomain]

Request (GET)

`/gateway/games/{version}/player/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use (pagination supported in version 3.0 and above).
brand_id	path	string	true	The ID of the casino.
x-auth-token	header	string	false	The player’s authentication token, in UUID format, will be used to filter ot irrelevant games.

Response

Status 200

[
  "70071",
  "1224",
  "1064",
  "70003",
  "1637",
  "70058"
]

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Last Bet

This method retrieves the date and time of the last bet. use gateway.[msdomain]

Request (GET)

`/gateway/rounds/{version}/{brand_id}/bet/last`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino.
x-auth-token	header	string	true	The player’s authentication token, in UUID format.

Response

{
  "last_bet": "2019-02-28 09:38:02.0"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Fraud & Compliance

Fraud And Compliance Endpoints

This section will display all available endpoints to get Fraud And Compliance data.

Limits

Limits Endpoints

This section will display all available endpoints to get limits data.

Delete & Swap limits are not available for all brands, it depends on the regulation that they are in, please contact your account manager for more information.

Get Limits

This method player limits. use gateway.[msdomain]

Request (GET)

`/gateway/limits/{version}/player/limits/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.

Response

Status 200

{
  "active": {
    "deposit": {
      "time_frame": "undefined",
      "amount": "undefined",
      "amount_left": "undefined",
      "changed_by": null,
      "end_time": "undefined"
    },
    "loss": {
      "time_frame": "week",
      "amount": "250",
      "start_time": "2017-02-05 15:15:56.0",
      "end_time": "2017-02-05 15:15:56.0",
      "last_changed": "2017-02-05 15:15:56.0",
      "changed_by": "player",
      "amount_left": "240"
    },
    "bet": {
      "time_frame": "week",
      "amount": "250",
      "start_time": "2017-02-05 15:15:56.0",
      "end_time": "2017-02-05 15:15:56.0",
      "last_changed": "2017-02-05 15:15:56.0",
      "changed_by": "player",
      "amount_left": "240",
      "can_activate": false
    },
    "time_limit": {
      "brand_id": 1007,
      "player_id": 2,
      "time_frame": "50_minutes",
      "status": "active",
      "changed_by": "player",
      "effective_of": "2018-06-18 17:38:23"
    }
  },
  "pending": {
    "bet": {
      "time_frame": "day",
      "amount": "20",
      "start_time": "2017-02-05 15:15:56.0",
      "last_changed": "2017-02-05 15:15:56.0",
      "changed_by": "player",
      "end_time": "2017-02-05 15:15:56.0",
      "row_id": "1235842",
      "can_activate": true
    }
  },
  "reality_check": "30_min"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
active	will contain list of current active limits, available types: bet, loss, deposit.
pending	will contain list of current pending limits, available types: bet, loss, deposit.
reality_check	will contain current reality check configuration, format XX_YY where xx will represent number and yy time frame (minute/minutes/hour/hours), player should get notified by this configuration.

Calculate Limits

This method calculates one or more pending limits for a player. use gateway.[msdomain]

Request (POST)

`/gateway/limits/{version}/player/limits/calculate/{brand_id}`

Parameters:

{
  "changed_by": "roman",
  "uuid": "201608120826_1",
  "loss": {
    "time_frame": "day",
    "new_amount": "200"
  },
  "bet": {
    "time_frame": "week",
    "new_amount": "1500"
  },
  "reality_check": "60_min"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.
uuid	body	string	true	unique reference.
X.time_frame	body	string	true	time frame for the chosen limit.
X.new_amount	body	string	true	amount for the chosen limit.
reality_check	body	string	true	period for the reality check.

Response

Status 200

{
  "loss": {
    "effective_of": "now",
    "time_frame": "day",
    "amount": "200",
    "amount_left": "150"
  },
  "bet": {
    "effective_of": "2017-01-18 12:00",
    "time_frame": "week",
    "amount": "1500",
    "amount_left": "1500"
  },
  "reality_check": "60_min"
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
effective_of	indication if limit will be effective immediately, or after some cool down.
time_frame	time frame for the chosen limit.
amount	amount for the chosen limit.
amount_left	amount left for the chosen limit.

Update Limits

This method updates one or more of a player’s active/pending limits, need to use the result we get from Calculate Limits.

Request (PUT)

{
  "uuid": "1234",
  "loss": {
    "effective_of": "now",
    "time_frame": "day",
    "amount": "200",
    "amount_left": "150"
  },
  "bet": {
    "effective_of": "2017-01-18 12:00",
    "time_frame": "week",
    "amount": "1500",
    "amount_left": "1500"
  },
  "reality_check": "60_min"
}

`/gateway/limits/{version}/player/limits/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.
effective_of	body	string	true	indication if limit will be effective immediately, or after some cool down.
time_frame	body	string	true	time frame for the chosen limit.
amount	body	string	true	amount for the chosen limit.
amount_left	body	string	true	amount left for the chosen limit.

Response

Status 202

"Updated"

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Swap Limits

This method changes a limit for a player. Use this call when a player confirms that they want to use their new, pending limit after the required 24-hour waiting period. For more information about limits

Request (PUT)

[
  "1234",
  "123"
]

`/gateway/limits/{version}/player/delete/limits/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.
array	body	array	true	array containing all the ids to swap.

Response

Status 200

{
  "loss": {
    "effective_of": "now",
    "time_frame": "day",
    "amount": "200"
  },
  "bet": {
    "effective_of": "now",
    "time_frame": "week",
    "amount": "1500"
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
effective_of	indication if limit will be effective immediately, or after some cool down.
time_frame	time frame for the chosen limit.
amount	amount for the chosen limit.

Delete Limits

This method deletes one or more of a player’s pending limits, this should be used when player decides to remove his pending limits.

Request (PUT)

{
  "row_id": ["1234,123"]
}

`/gateway/limits/{version}/player/delete/limits/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.
row_id	body	array	true	array containing all the ids to remove.

Response

204 Response (No Content)

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Limits Metadata

This method retrieves options for player limits. Use this method to populate a page that enables you to edit the limits. use gateway.[msdomain]

Request (GET)

`/gateway/limits/{version}/meta-data/{brand_id}/{currency}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	path	string	true	Player login session.
currency	path	string	true	ISO3 currency code.

Response

Status 200

{
  "deposit": {
    "amount": "no_limit",
    "period": "no_limit"
  },
  "bet": {
    "amount": "1000",
    "period": "week"
  },
  "loss": {
    "amount": "10000",
    "period": "month"
  },
  "limit_periods": [
    "day",
    "week",
    "month",
    "no_limit"
  ],
  "reality_check": {
    "period": "undefined",
    "options": [
      "15_min",
      "30_min",
      "60_min",
      "no_limit"
    ]
  }
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 401

{
  "errMsg": "invalid input - invalid token"
}

Status 500

{
  "result": "internal server error"
}

Exclusions

Exclusions Endpoints

This section will display all available endpoints to get exclusions data.

Exclusions Configuration

Get Exclusion Time Periods. use gateway.[msdomain]

Request (GET)

`/gateway/exclusions/{version}/configuration/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	string	true	Player login session.

Response

Status 200

{
  "self_exclusion": [
    "6_months",
    "1_year",
    "2_years",
    "5_years"
  ],
  "exclusion_types": {
    "self_exclusion": "self_exclusion",
    "account_closure": "account_closure",
    "timeout": "timeout"
  },
  "account_closure": [
    "problem",
    "bugs",
    "other"
  ],
  "timeout": [
    "1_day",
    "1_week",
    "6_months"
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Immediate Player Exclusion

Insert immediate player exclusion. use gateway.[msdomain]

Request (POST)

`/gateway/exclusions/{version}/immediate/{brand_id}/{player_id}`

Parameters:

{
  "exclusion_type": "self_exclusion",
  "period": "6_months",
  "reason": "other",
  "request_by": "player"
}

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
player_id	path	int	true	Player unique ID.
x-auth-token	header	string	true	Player login session.
exclusion_type	body	string	true	type of exclusion.
period	body	string	true	period of exclusion, relevant only for timeout and self_exclusion.
reason	body	string	true	reason of exclusion, relevant only for account_closure.

Response

Status 201

"added exclusion"

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Regulations

Regulations Endpoints

This section will display all available endpoints to get regulations data.

Brand Actions

This method retrieves the default regulation configuration for a casino. use gateway.[msdomain]

Request (GET)

`/gateway/currencies/{version}/currencyByIP/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.

Response

Status 200

{
  "DEFAULT_REGULATION": [
    "responsible_gaming",
    "limits",
    "deposit_message",
    "self_exclusion",
    "timeout",
    "account_closure",
    "login",
    "swap_limits",
    "gamstop",
    "reality_check",
    "time_limit"
  ]
}

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
DEFAULT_REGULATION	array containing all actions available for brand.

Player Actions

This method returns information about a player’s actions for regulation purposes.

If no regulations for the player and brand are found, returns "default". use gateway.[msdomain]

Request (GET)

`/gateway/regulations/{version}/configuration/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	int	true	The ID of the casino. If a `brand_id` is not provided, all message formats will be fetched from default storage.
x-auth-token	header	int	false	Player login session.

Response

Status 200

[
  "login",
  "inactivity",
  "deposit_message"
]

Status 400

{
  "errMsg": "invalid input - invalid brand id"
}

Status 500

{
  "result": "internal server error"
}

Response Parameters:

Name	Description
array	Array containing all actions for this player.

Tournaments integration

This section contains information about integration with Tournaments feature.

Tournaments players registration

For tournaments with a participation scope of ‘PRIVATE’, the player’s participation is not automatic and requires registration.
x-auth-token header is required

Request (POST)

`/tournaments/{version}/{brand_id}/register`

Request body:

{
  "tournament_id": "123e4567-e89b-12d3-a456-426614174000",  // Actual tournament ID, required
  "points_multiplier": "1.5",                               // Not required, currently not in use
  "metadata": {                                             // Additional ke-value pairs object, not required
    "source": "mobile_app",
    "referral_code": "ABCD1234"
  }
}

Response

Status 200

{
  "total" : 1,                                                  // Number of successfuly registered players
  "message" : "Player registered successfully for tournament"   // Result message
}

Status 400 (Tournament not found)

{
  "total" : 0,
  "data" : null,
  "message" : "tournament not found"
}

Tournaments list for casino

This document contains information about getting list of tournaments for particular casino.

Request (GET)

`/gateway/tournaments/{version}/{brand_id}`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use (pagination supported in version 3.0 and above).
brand_id	path	string	true	The ID of the casino.
status	query	string	false	Comma separated list of statuses:
				1=Active, currenty running tournament
				2=Inactive, cancelled by operator
				3=Completed, ended tournaments
				0=Pending, not started
page	query	string	false	page number, starts from page 1, set to 1 if not sent
page_size	query	string	false	limits number of results per page, set to 100 if not sent

Headers

x-auth-token: Not requred, its better to be sent for logged in user

Postman sample:

curl --location 'http://www.my_site_backend.com/tournaments/1/1501?status=0,1' \
--header 'x-auth-token: place your token here'

Response

Name	Type	Description
tournament_id	string	The ID of the tournament.
tournament_name	string	The Name of the tournament defined by operator.
tournament_description	string	The Description of the tournament defined by operator.
status	numeric	Current tournament status: 0 - Pending (Not started yet), 1 - Active (Started), 2 - Inactive (stopped before start), 3 - Completed
games	object	List of games, participating in tournament, that exists in requested casino. It grouped by operator key, and each key contains operator
		friendly name and games information (name +id)
start_date	datetime	Date and time of the tournament start.
end_date	datetime	Date and time of the tournament end.
rules	object	See rules structure
prizes	object	See prizes structure

Status 200

{
    "status": "Success",
    "data": {
        "tournaments": [
         {
                "tournament_id": "15c19ead-fc42-4be1-8b52-5b384686850d",
                "tournament_name": "automation_iutAg",
                "tournament_description": "Automation Test",
                "status": 2,
                "games": {
                    "26": {
                        "provider_name": "Betsoft",
                        "groovy_provider_id": "26",
                        "games": [
                            {
                                "game_id": "82672",
                                "game_name": "Rook's Revenge"
                            }
                         ]
                    }
                },
                "start_date": "2025-12-01 09:51:00",
                "end_date": "2025-12-02 12:00:00",
                "rules": {
                    "MinimumBetsOrRoundsRequired": [
                        {
                            "required_bets": 5,
                            "required_rounds": 10
                        }
                    ],
                    "WinToPointsConversion": [
                        {
                            "points_to_add": 10,
                            "required_win": 10
                        }
                    ]
                },
                "prizes": {
                    "SpecificPositionPrize": [
                        {
                            "position": 1,
                            "prize": 100,
                            "prize_name": "Automation"
                        }
                    ]
                }
            }
        ],
        "numberOfPages": 9,
        "tournamentsPerPage": 10,
        "tournamentsCount": 90,
        "currencyCode": "USD"
    }

Status 400 (Missing authentication header)

{
  "status" : "Error",
  "data" : {
    "errMsg" : "invalid input - invalid token"
  },
  "message" : "authentication failed",
  "userFriendlyMessage" : "Authentication failed"
}

Tournaments prizes structure

Tournaments Prizes contains information about tournament prizes definitions

Suported prizes definitions:

SpecificPositionPrize

contain ‘position’, ‘prize’ and ‘prize_name’ fields. Define prize for specific position in leaderboard

SpecificPositionRangePrize

contain ‘start_position’, ’end_position’, ‘prize’ and ‘prize_name’ fields. Define prize for range of positions in leaderboard

Values of field prize/prize name can be empty, for one of the fields, so another should contain value

Tournaments rules structure

Tournaments Rules contains information about different rules and limitation tournament engine uses to calculate player achievements during player’s tournament participation. Each rule can have different set of fields that require to exetute the rule

Suported rules:

BetToPointsConversion

contain ‘points_to_add’ and ‘required_wager’ points defined in ‘points_to_add’ field added to player while amount of bet per transaction hits the defined ‘required_wager’.

MinimumBetAmount

contain ‘required_wager’ field, minimum amount of bet per transaction to be eligable for the tournament

MinimumBetsOrRoundsRequired

contain ‘required_bets’ and ‘required_rounds’ . Minimum bets (totally) OR rounds played required for player to be eligable for tournament participation

WinToPointsConversion

contain ‘points_to_add’ and ‘required_win’ points defined in ‘points_to_add’ field added to player while amount of win per transaction hits the defined ‘required_win’.

Get Leaderboard

This document contains information about getting the leaderboard for a particular tournament in a casino.

Request (GET)

`/gateway/tournaments/{version}/{brand_id}/leaderboard`

Parameters:

Name	In	Type	Required	Description
version	path	string	true	The API version to use.
brand_id	path	string	true	The ID of the casino.
tournament_id	query	string	true	The ID of the tournament.
player_id	query	string	false	The ID of the player. Automatically derived from x-auth-token when that header is present.
status	query	string	false	Tournament status filter:
				1=Active, currenty running tournament
				3=Completed, ended tournaments

Postman sample:

curl --location 'http://www.my_site_backend.com/tournaments/1/1501/leaderboard?tournament_id=b3c9408a-8077-4c24-8939-3baa65e1eb44' \
--header 'x-auth-token: place your token here'

Response

The API returns ALL leaderboard entries for the tournament in a single response (no pagination).

Name	Type	Description
leaderboards	array	Array of tournament leaderboard objects.
tournament_id	string	The ID of the tournament.
tournament_name	string	The Name of the tournament defined by operator.
player_data	array	List of ALL players with their positions and points in the tournament.
position	integer	The player’s position in the leaderboard (1 for first place, 2 for second, etc.).
player_id	string	The unique identifier of the player. Masked as “*” + last 3 digits (e.g., “*024”) for privacy in leaderboard.
points	string	The total points accumulated by the player in the tournament.
prize_value	number	The prize value for this position.
start_date	datetime	Date and time of the tournament start.
end_date	datetime	Date and time of the tournament end.
games	object	List of games, participating in tournament, grouped by operator key.
total_participants	integer	Total number of players participating in the tournament.
rules	object	See rules structure
prizes	object	See prizes structure
current_player_entry	object	Information about the current player’s leaderboard entry (if player_id provided). Player ID is NOT masked in this field.

Status 200

{
  "status": "Success",
  "data": {
    "leaderboards": [
      {
        "tournament_id": "540855c7-7343-49d4-89a6-0b0b2e8e06bc",
        "tournament_name": "Tour erfrfrff",
        "player_data": [
          {
            "position": 1,
            "player_id": "***704",
            "points": "400",
            "prize_value": 200
          },
          {
            "position": 2,
            "player_id": "***024",
            "points": "342",
            "prize_value": 100
          },
          {
            "position": 3,
            "player_id": "***705",
            "points": "200",
            "prize_value": 50
          },
          {
            "position": 4,
            "player_id": "***888",
            "points": "200",
            "prize_value": 0
          },
          {
            "position": 5,
            "player_id": "***706",
            "points": "144",
            "prize_value": 0
          }
        ],
        "start_date": "2025-10-20 18:00:00",
        "end_date": "2025-11-17 18:00:00",
        "games": {
          "Groove_BetSoft": {
            "provider_name": "Betsoft",
            "games": [
              {
                "game_id": "82687",
                "game_name": "House of Fun"
              }
            ]
          }
        },
        "total_participants": 60,
        "rules": {
          "BetToPointsConversion": [
            {
              "points_to_add": 1,
              "required_wager": 5
            }
          ],
          "MinimumBetAmount": [
            {
              "required_wager": 10
            }
          ],
          "MinimumBetsOrRoundsRequired": [
            {
              "required_bets": 10,
              "required_rounds": 1
            }
          ]
        },
        "prizes": {
          "SpecificPositionPrize": [
            {
              "position": 1,
              "prize": 200
            },
            {
              "position": 2,
              "prize": 100
            },
            {
              "position": 3,
              "prize": 50
            }
          ]
        }
      }
    ],
    "current_player_entry": {
      "position": 11,
      "player_id": "224336",
      "points": "50",
      "prize_value": 0
    }
  }
}

Status 400 (Missing authentication header)

{
  "status" : "Error",
  "data" : {
    "errMsg" : "invalid input - invalid token"
  },
  "message" : "authentication failed",
  "userFriendlyMessage" : "Authentication failed"
}

Status 404 (Tournament not found)

{
  "status" : "Error",
  "data" : {
    "errMsg" : "tournament not found"
  },
  "message" : "Tournament with the specified ID does not exist",
  "userFriendlyMessage" : "Tournament not found"
}

Client Documentation

Subsections of Client Documentation

Intro

Subsections of Intro

Configuration

Requirements

Content

Subsections of Content

Site Management

Site Configuration

Subsections of Site Management

Lobby API

Request (GET)

/gateway/site-management/{version}/lobby/{brand_id}

Parameters:

Response

Response Parameters:

internationalization (i18n)

Request (GET)

/gateway/i18n/{version}/tags/{brand_id}/{language}

Parameters:

Response

Response Parameters:

TnC And Privacy Policy

Request (GET)

/gateway/tnc/{version}/document/revision/lastPublished/{brand_id}/{language}/{type}

Parameters:

Response

Response Parameters:

Countries

Request (GET)

/gateway/site-management/{version}/{brand_id}/countries

Parameters:

Response

Response Parameters:

Message Format

Request (GET)

/gateway/site-management/{version}/content/message/format/{message_string}

Parameters:

Response

Response Parameters:

Player Management

Player Management Endpoints

Subsections of Player Management

Admission

Admission Endpoints

Subsections of Admission

Registration Step One

Request (POST)

/gateway/reg-step-one/{version}/{brand_id}

Parameters:

Response

Response Parameters:

Registration Step Two

Request (POST)

/gateway/reg-step-two/{version}/{brand_id}

Parameters:

Response

Response Parameters:

Email and Password Registration

Request (POST)

/gateway/email-and-pass-reg/{version}/{brand_id}

Parameters:

Response

Response Parameters:

Basic Details Registration

Request (POST)

/gateway/basic-details-reg/{version}/{brand_id}

Parameters:

Response

Response Parameters:

Login

Request (POST)

/gateway/login/{version}/{brand_id}/player

Parameters:

Response

Response Parameters:

Logout

Request (POST)

/gateway/logout/{version}/{brand_id}/player

`/gateway/site-management/{version}/lobby/{brand_id}`

`/gateway/i18n/{version}/tags/{brand_id}/{language}`

`/gateway/tnc/{version}/document/revision/lastPublished/{brand_id}/{language}/{type}`

`/gateway/site-management/{version}/{brand_id}/countries`

`/gateway/site-management/{version}/content/message/format/{message_string}`

`/gateway/reg-step-one/{version}/{brand_id}`

`/gateway/reg-step-two/{version}/{brand_id}`

`/gateway/email-and-pass-reg/{version}/{brand_id}`

`/gateway/basic-details-reg/{version}/{brand_id}`

`/gateway/login/{version}/{brand_id}/player`

`/gateway/logout/{version}/{brand_id}/player`

`/gateway/login/keep-alive/{brand_id}`

`/gateway/crm/{version}/{brand_id}/token`

`/gateway/registration-test-user/{version}/{brand_id}`

`/gateway/rounds/{version}/player/open/{brand_id}/{player_id}`

`/gateway/rounds/{version}/player/close/aggregate/{brand_id}/{player_id}`

`/gateway/player-personal-details/player/details/{version}/{brand_id}`

`/gateway/player-personal-details/player/details/{version}/{brand_id}`

`/gateway/player-personal-details/{version}/custom-fields/{brand_id}`

`/gateway/player-personal-details/{version}/custom-fields/{brand_id}`

`/gateway/player-personal-details/player/details/emailUpdate/{version}/{brand_id}`

`/gateway/admission/{version}/forgot/password/{brand_id}`

`/gateway/admission/{version}/verify/password/{brand_id}`