RB7 Gaming Platform API
Integrate casino, slots, sports betting, and lottery games into your platform with our comprehensive API.
Introduction
Welcome to the RB7 Gaming Platform API. Our API provides seamless access to multiple game providers including casino games, slot machines, sports betting, and lottery systems.
API surface
RB7 exposes two integration directions.
Game APIs — endpoints your system calls on RB7.
Agent APIs — webhook paths you host so RB7 can call your backend when wallet or user events occur.
Authentication
RB7 issues three credentials per agent. Use Agent ID and Secret Key when your system calls Game APIs. Use Callback Key to verify webhook requests that RB7 sends to your Agent API endpoints.
Agent credentials
When onboarding, your team submits an agent name and webhook endpoint URL to RB7. After provisioning, RB7 returns the credentials below.
| Parameter | Used for | Description |
|---|---|---|
| agentId | Game APIs + Agent APIs | Unique agent identifier included in JWT payloads |
| secretKey | Game APIs (outbound) | Sign JWT tokens when your system calls RB7 Game APIs |
| callbackKey | Agent APIs (inbound) | Verify JWT signatures on webhook requests RB7 sends to your backend |
Game APIs — JWT with Secret Key
When calling RB7 Game APIs, sign a JWT with your Secret Key and send it in the Authorization header of each request.
JWT Token Structure
Your JWT token should contain the following payload:
// Install: composer require firebase/php-jwt
use Firebase\JWT\JWT;
$secretKey = 'YOUR_SECRET_KEY';
$agentId = '1000';
$userId = 1;
$payload = [
'userId' => $userId,
'agentId' => $agentId,
'iat' => time(),
'exp' => time() + (60 * 60 * 24) // 24 hours
];
$jwt = JWT::encode($payload, $secretKey, 'HS256');
echo $jwt;
// Install: npm install jsonwebtoken
const jwt = require('jsonwebtoken');
const secretKey = 'YOUR_SECRET_KEY';
const agentId = '1000';
const userId = 1;
const payload = {
userId: userId,
agentId: agentId,
iat: Math.floor(Date.now() / 1000),
exp: Math.floor(Date.now() / 1000) + (60 * 60 * 24) // 24 hours
};
const token = jwt.sign(payload, secretKey);
console.log(token);
Agent APIs — verify Callback Key
When RB7 calls your Agent API webhooks, it signs a JWT with your Callback Key and sends it in the Authorization header — the same header pattern as Game APIs, but signed with Callback Key instead of Secret Key. Your server must verify the token before processing the webhook body.
// Install: composer require firebase/php-jwt
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Firebase\JWT\ExpiredException;
$callbackKey = 'YOUR_CALLBACK_KEY';
$authHeader = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
$token = preg_replace('/^Bearer\s+/i', '', $authHeader);
try {
$payload = JWT::decode($token, new Key($callbackKey, 'HS256'));
// Token valid — process webhook payload
} catch (ExpiredException $e) {
http_response_code(401);
exit('Token expired');
} catch (\Exception $e) {
http_response_code(401);
exit('Invalid signature');
}
// Install: npm install jsonwebtoken
const jwt = require('jsonwebtoken');
const callbackKey = 'YOUR_CALLBACK_KEY';
const authHeader = req.headers.authorization || '';
const token = authHeader.replace(/^Bearer\s+/i, '');
try {
const payload = jwt.verify(token, callbackKey);
// Token valid — process webhook payload
} catch (err) {
return res.status(401).send('Invalid signature');
}
🔑 Game API JWT Manager
Sign with your Secret Key. Saved in the browser and used for Game API test requests below.
Quick Start
Get started with the RB7 API in just a few steps:
- Register your agent Submit your agent name and webhook endpoint URL to RB7. You will receive Agent ID, Secret Key, and Callback Key.
- Generate JWT Token Use the authentication code above to create your JWT token
- List Available Games Call the List Games API to see available games from providers
- Launch a Game Get the game URL and display it in an iframe or webview
GETList Games
Retrieve a list of available games from a specific game provider. Currently supports Slot type games.
Get list of games from specified provider
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| game | string | Required | Game provider code (e.g., 'sa', 'pg', 'pragmatic') |
🧪 Try It Out
Example Request
$token = 'YOUR_JWT_TOKEN';
$baseUrl = 'https://game-api-staging.linexgaming.com';
$gameProvider = 'pg'; // PG Slot
$ch = curl_init($baseUrl . '/api/game/lists?game=' . $gameProvider);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: ' . $token,
'Content-Type: application/json'
]);
$response = curl_exec($ch);
$statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($statusCode === 200) {
$data = json_decode($response, true);
print_r($data['data']); // Array of games
}
const axios = require('axios');
const token = 'YOUR_JWT_TOKEN';
const baseUrl = 'https://game-api-staging.linexgaming.com';
const gameProvider = 'pg'; // PG Slot
try {
const response = await axios.get(`${baseUrl}/api/game/lists`, {
params: { game: gameProvider },
headers: {
'Authorization': token,
'Content-Type': 'application/json'
}
});
console.log(response.data.data); // Array of games
} catch (error) {
console.error('Error:', error.response?.data);
}
Example Response
{
"statusCode": 200,
"data": [
{
"code": "63d77314c7b4ea8acf592874",
"name": "Coffee Or Me Bingo",
"type": "arcade_bingo",
"active": true,
"order": 1,
"imageUrl": "https://download.x-gaming.com/assets/arcade/coffeeormebingo/banner.png"
}
],
"timestamp": "2022-07-07T15:57:37+00:00"
}
GETLaunch Game
Get the game URL to launch and display the game in an iframe or webview.
Launch a game and get the playable URL
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| game | string | Required | Game provider code |
| gameCode | string | Optional | Specific game code from list games API |
| isMobile | boolean | Optional | true for mobile, false for desktop |
🧪 Try It Out
Example Response
{
"statusCode": 200,
"data": "https://www.sai.slgaming.net/app.aspx?username=xxxx&token=F5277F0AE1D5009E67651054F0E4AE4A&lobby=A7720&lang=th&returnurl=",
"timestamp": "2022-07-07T15:57:37+00:00"
}
GETTransaction Detail
Retrieve detailed information about a specific game transaction including bet amount, win amount, and other transaction-specific data.
Get transaction details by transaction ID
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| game | string | Required | Game provider code. Supported providers: rb7-lotto, rb7sportbook, rb7-slot, rb7casino, onebx |
| id | string | Required | Transaction ID of the game (ticket id, bet id, ref id, or other transaction identifier) |
Supported Game Providers
The Transaction Detail API supports the following game providers:
| Code | Name | Type |
|---|---|---|
| rb7-lotto | RB7 Lotto | Lotto |
| rb7sportbook | RB7 Sportbook | Sport |
| rb7-slot | RB7 Slot | Slot |
| rb7casino | RB7 Casino | Casino |
| onebx | OneBX | Sport |
🧪 Try It Out
Example Request
$token = 'YOUR_JWT_TOKEN';
$baseUrl = 'https://game-api-staging.linexgaming.com';
$game = 'rb7sportbook';
$transactionId = 'BET123456';
$ch = curl_init($baseUrl . '/api/game/transaction/detail?game=' . urlencode($game) . '&id=' . urlencode($transactionId));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: ' . $token,
'Content-Type: application/json'
]);
$response = curl_exec($ch);
$statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($statusCode === 200) {
$data = json_decode($response, true);
print_r($data);
}
const axios = require('axios');
const token = 'YOUR_JWT_TOKEN';
const baseUrl = 'https://game-api-staging.linexgaming.com';
const game = 'rb7sportbook';
const transactionId = 'BET123456';
try {
const response = await axios.get(`${baseUrl}/api/game/transaction/detail`, {
params: { game, id: transactionId },
headers: {
'Authorization': token,
'Content-Type': 'application/json'
}
});
console.log(response.data);
} catch (error) {
console.error('Error:', error.response?.data);
}
Example Response
{
"statusCode": 200,
"data": {
"bet_id": "BET123456",
"bet_amount": 100.00,
"win_amount": 250.00,
"status": "completed",
"url": "https://provider.com/bet/BET123456"
},
"timestamp": "2022-07-07T15:57:37+00:00"
}
Agent APIs
Agent APIs are endpoints that your system must implement and expose. RB7 calls these webhook paths on your side when wallet or user events happen during gameplay. This is the opposite direction of Game APIs, where your system calls RB7.
Agent onboarding
Before integrating Agent APIs, RB7 must provision your agent account. Your team provides the details RB7 needs to register callbacks; RB7 returns the credentials used on both sides of the integration.
- Submit agent details Send your agent name and webhook endpoint URL (base URL RB7 will call) to RB7.
- Receive credentials RB7 creates the agent and returns Agent ID, Secret Key, and Callback Key.
- Implement webhook paths Expose the Agent API paths documented below on your webhook endpoint and verify each request using your Callback Key.
Every Agent API request from RB7 includes a JWT in the Authorization header, signed with your Callback Key. Verify the signature before applying business logic. See the Authentication section for verify examples.
Your team must prepare the paths listed below and handle requests exactly as documented. RB7 sends HTTP callbacks to your webhook URL. You validate the request, apply the business logic (for example credit adjustment), then return the expected HTTP status.
- 1A player places a bet or a game event is settled on RB7.
- 2RB7 sends a webhook request to your Agent API path (for example Update User Credit).
- 3Your system updates the player wallet / user data and responds with HTTP 200 when accepted, or 400 / 500 when rejected.
🧪 Agent API test configuration
Configure your webhook base URL and a JWT signed with your Callback Key. Agent API Try It Out sections below send requests to your endpoint using these values.
Base URL RB7 calls. Paths such as /api/wallet/balance are appended automatically per endpoint.
JWT signed with your Callback Key (simulates RB7 calling your webhook). Sent in the Authorization header.
Agent API test configuration not saved
POSTUpdate User Credit
Update User Credit is a webhook endpoint that the agent must implement for RB7 to call. When a game transaction changes player credit, RB7 posts to this path on your system. If the user ID is valid, accept the request and adjust credit by the balance amount (positive or negative). To reject a request, return HTTP status 400 or 500 only.
You (the agent) host POST /api/wallet/balance on your
backend. RB7 is the caller. Verify the JWT in the Authorization
header using your Callback Key before updating credit. Make sure your
integration covers every required field and response behavior in
this section so wallet updates stay consistent.
Webhook for RB7 to update user credit on the agent system
Request Body Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| userId | number | Required | User ID |
| serviceName | string | Required | Service name (e.g., 'aecasino', 'sa', 'pg') |
| balance | number | Required | Update credit amount (positive/negative) |
| reference | string | Required | Reference transaction ID |
| action | string | Optional | Action type: bet, settle, cancel (Game Type casino or sport) |
| rawData | object | Optional | Additional raw data from game provider |
Action Field Values
The action field specifies the type of transaction.
It is used for Game Type casino or sport. Additional action types
may be available depending on the provider.
Important: The action field is used
to describe the transaction type only, not to determine whether to
add or deduct balance. The actual balance adjustment (add or
deduct) is determined by the amount value sent:
positive values add balance, negative values deduct balance.
| Value | Description |
|---|---|
| bet | Used when a user places a bet. Deducts balance from user's wallet. |
| bet_settle | Used when a bet is placed and settled in a single transaction. Deducts balance from user's wallet (negative amount). |
| settle | Used when a bet is settled/won. Adds or deducts balance from user's wallet depending on the amount value (positive adds, negative deducts). |
| unsettle | Used to reverse a settled bet. Deducts balance from user's wallet. |
| cancel | Used when a bet is cancelled. Refunds balance to user's wallet. |
| rollback | Used to rollback a transaction. Reverses the previous transaction. |
| tips | Used when giving tips to dealer. Deducts balance from user's wallet. |
| cancel_tips | Used when cancelling tips. Refunds tips balance to user's wallet. |
| adjust_balance | Used to manually adjust user balance. Can be positive or negative. |
| promo | Used for promotional credits (RB7 Casino only). Adds balance to user's wallet. |
Note: Additional action types may be available depending on the provider. Please refer to your provider's documentation for the complete list of supported actions.
🧪 Try It Out
Uses your Agent API configuration (webhook URL + Callback Key JWT).
Configure Agent API test settingsExample Response
{
"success": true
}
GETList Users
Retrieve a list of all users under your agent account.
Get all users
🧪 Try It Out
Uses your Agent API configuration (webhook URL + Callback Key JWT).
Configure Agent API test settingsThis endpoint requires no additional parameters.
Example Response
{
"data": [
{
"id": 1,
"username": "test",
"firstName": "name",
"lastName": "lastname",
"credit": 1000.50
}
]
}
GETGet User By ID
Retrieve detailed information about a specific user.
Get user by ID
🧪 Try It Out
Uses your Agent API configuration (webhook URL + Callback Key JWT).
Configure Agent API test settingsExample Response
{
"id": 1,
"username": "test",
"firstName": "name",
"lastName": "lastname",
"credit": 1000.50
}
Game Providers
List of supported game providers and their codes.
Casino Games
Slot Games
Sports Betting
Lottery
Error Codes
Common HTTP error codes and their meanings in the RB7 API.
| Status Code | Error | Description | Common Causes |
|---|---|---|---|
| 200 | OK | Request successful | - |
| 400 | Bad Request | Invalid request parameters | Missing required fields, invalid data format |
| 401 | Unauthorized | Authentication failed | Invalid JWT token, expired token, missing Authorization header |
| 403 | Forbidden | Access denied | Insufficient permissions, IP whitelist restriction |
| 404 | Not Found | Resource not found | Invalid endpoint, user/game/transaction not found |
| 500 | Server Error | Internal server error | Unexpected server issues, contact support |