Developer Docs

RB7 Gaming Platform API

Integrate casino, slots, sports betting, and lottery games into your platform with our comprehensive API.

Introduction

Welcome to the RB7 Gaming Platform API. Our API provides seamless access to multiple game providers including casino games, slot machines, sports betting, and lottery systems.

🎰 Casino Games
Live dealer games from SA Gaming, Dream Game, WM, and more
🎮 Slot Games
Slots from Pragmatic Play, PG Slot, Joker, and 20+ providers
Sports Betting
Sports betting from multiple trusted providers
🎲 Lottery
RB7 Lotto and other lottery games

API surface

RB7 exposes two integration directions.

Game APIs — endpoints your system calls on RB7.

Agent APIs — webhook paths you host so RB7 can call your backend when wallet or user events occur.

📡 Game APIs
Your backend calls RB7 — list games, launch games, query transactions, and manage users. Authenticate with a JWT signed using your Agent ID and Secret Key.
🔔 Agent APIs
RB7 calls your webhook URL — for example to update player credit. Verify each request with a JWT in the Authorization header signed by RB7 using your Callback Key.

Authentication

RB7 issues three credentials per agent. Use Agent ID and Secret Key when your system calls Game APIs. Use Callback Key to verify webhook requests that RB7 sends to your Agent API endpoints.

Agent credentials

When onboarding, your team submits an agent name and webhook endpoint URL to RB7. After provisioning, RB7 returns the credentials below.

Parameter Used for Description
agentId Game APIs + Agent APIs Unique agent identifier included in JWT payloads
secretKey Game APIs (outbound) Sign JWT tokens when your system calls RB7 Game APIs
callbackKey Agent APIs (inbound) Verify JWT signatures on webhook requests RB7 sends to your backend

Game APIs — JWT with Secret Key

When calling RB7 Game APIs, sign a JWT with your Secret Key and send it in the Authorization header of each request.

JWT Token Structure

Your JWT token should contain the following payload:

// Install: composer require firebase/php-jwt

use Firebase\JWT\JWT;

$secretKey = 'YOUR_SECRET_KEY';
$agentId = '1000';
$userId = 1;

$payload = [
    'userId' => $userId,
    'agentId' => $agentId,
    'iat' => time(),
    'exp' => time() + (60 * 60 * 24) // 24 hours
];

$jwt = JWT::encode($payload, $secretKey, 'HS256');

echo $jwt;
// Install: npm install jsonwebtoken

const jwt = require('jsonwebtoken');

const secretKey = 'YOUR_SECRET_KEY';
const agentId = '1000';
const userId = 1;

const payload = {
  userId: userId,
  agentId: agentId,
  iat: Math.floor(Date.now() / 1000),
  exp: Math.floor(Date.now() / 1000) + (60 * 60 * 24) // 24 hours
};

const token = jwt.sign(payload, secretKey);

console.log(token);

Agent APIs — verify Callback Key

When RB7 calls your Agent API webhooks, it signs a JWT with your Callback Key and sends it in the Authorization header — the same header pattern as Game APIs, but signed with Callback Key instead of Secret Key. Your server must verify the token before processing the webhook body.

// Install: composer require firebase/php-jwt

use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Firebase\JWT\ExpiredException;

$callbackKey = 'YOUR_CALLBACK_KEY';
$authHeader = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
$token = preg_replace('/^Bearer\s+/i', '', $authHeader);

try {
    $payload = JWT::decode($token, new Key($callbackKey, 'HS256'));
    // Token valid — process webhook payload
} catch (ExpiredException $e) {
    http_response_code(401);
    exit('Token expired');
} catch (\Exception $e) {
    http_response_code(401);
    exit('Invalid signature');
}
// Install: npm install jsonwebtoken

const jwt = require('jsonwebtoken');

const callbackKey = 'YOUR_CALLBACK_KEY';
const authHeader = req.headers.authorization || '';
const token = authHeader.replace(/^Bearer\s+/i, '');

try {
  const payload = jwt.verify(token, callbackKey);
  // Token valid — process webhook payload
} catch (err) {
  return res.status(401).send('Invalid signature');
}

🔑 Game API JWT Manager

Sign with your Secret Key. Saved in the browser and used for Game API test requests below.

Quick Start

Get started with the RB7 API in just a few steps:

  1. Register your agent Submit your agent name and webhook endpoint URL to RB7. You will receive Agent ID, Secret Key, and Callback Key.
  2. Generate JWT Token Use the authentication code above to create your JWT token
  3. List Available Games Call the List Games API to see available games from providers
  4. Launch a Game Get the game URL and display it in an iframe or webview

GETList Games

Retrieve a list of available games from a specific game provider. Currently supports Slot type games.

GET /api/game/lists

Get list of games from specified provider

Query Parameters

Parameter Type Required Description
game string Required Game provider code (e.g., 'sa', 'pg', 'pragmatic')

🧪 Try It Out

Example Request

$token = 'YOUR_JWT_TOKEN';
$baseUrl = 'https://game-api-staging.linexgaming.com';
$gameProvider = 'pg'; // PG Slot

$ch = curl_init($baseUrl . '/api/game/lists?game=' . $gameProvider);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Authorization: ' . $token,
    'Content-Type: application/json'
]);

$response = curl_exec($ch);
$statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

if ($statusCode === 200) {
    $data = json_decode($response, true);
    print_r($data['data']); // Array of games
}
const axios = require('axios');

const token = 'YOUR_JWT_TOKEN';
const baseUrl = 'https://game-api-staging.linexgaming.com';
const gameProvider = 'pg'; // PG Slot

try {
  const response = await axios.get(`${baseUrl}/api/game/lists`, {
    params: { game: gameProvider },
    headers: {
      'Authorization': token,
      'Content-Type': 'application/json'
    }
  });

  console.log(response.data.data); // Array of games
} catch (error) {
  console.error('Error:', error.response?.data);
}

Example Response

{
  "statusCode": 200,
  "data": [
    {
      "code": "63d77314c7b4ea8acf592874",
      "name": "Coffee Or Me Bingo",
      "type": "arcade_bingo",
      "active": true,
      "order": 1,
      "imageUrl": "https://download.x-gaming.com/assets/arcade/coffeeormebingo/banner.png"
    }
  ],
  "timestamp": "2022-07-07T15:57:37+00:00"
}

GETLaunch Game

Get the game URL to launch and display the game in an iframe or webview.

GET /api/game/launch

Launch a game and get the playable URL

Query Parameters

Parameter Type Required Description
game string Required Game provider code
gameCode string Optional Specific game code from list games API
isMobile boolean Optional true for mobile, false for desktop

🧪 Try It Out

Example Response

{
  "statusCode": 200,
  "data": "https://www.sai.slgaming.net/app.aspx?username=xxxx&token=F5277F0AE1D5009E67651054F0E4AE4A&lobby=A7720&lang=th&returnurl=",
  "timestamp": "2022-07-07T15:57:37+00:00"
}

GETTransaction Detail

Retrieve detailed information about a specific game transaction including bet amount, win amount, and other transaction-specific data.

GET /api/game/transaction/detail

Get transaction details by transaction ID

Query Parameters

Parameter Type Required Description
game string Required Game provider code. Supported providers: rb7-lotto, rb7sportbook, rb7-slot, rb7casino, onebx
id string Required Transaction ID of the game (ticket id, bet id, ref id, or other transaction identifier)

Supported Game Providers

The Transaction Detail API supports the following game providers:

Code Name Type
rb7-lotto RB7 Lotto Lotto
rb7sportbook RB7 Sportbook Sport
rb7-slot RB7 Slot Slot
rb7casino RB7 Casino Casino
onebx OneBX Sport

🧪 Try It Out

Example Request

$token = 'YOUR_JWT_TOKEN';
$baseUrl = 'https://game-api-staging.linexgaming.com';
$game = 'rb7sportbook';
$transactionId = 'BET123456';

$ch = curl_init($baseUrl . '/api/game/transaction/detail?game=' . urlencode($game) . '&id=' . urlencode($transactionId));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Authorization: ' . $token,
    'Content-Type: application/json'
]);

$response = curl_exec($ch);
$statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

if ($statusCode === 200) {
    $data = json_decode($response, true);
    print_r($data);
}
const axios = require('axios');

const token = 'YOUR_JWT_TOKEN';
const baseUrl = 'https://game-api-staging.linexgaming.com';
const game = 'rb7sportbook';
const transactionId = 'BET123456';

try {
  const response = await axios.get(`${baseUrl}/api/game/transaction/detail`, {
    params: { game, id: transactionId },
    headers: {
      'Authorization': token,
      'Content-Type': 'application/json'
    }
  });

  console.log(response.data);
} catch (error) {
  console.error('Error:', error.response?.data);
}

Example Response

{
  "statusCode": 200,
  "data": {
    "bet_id": "BET123456",
    "bet_amount": 100.00,
    "win_amount": 250.00,
    "status": "completed",
    "url": "https://provider.com/bet/BET123456"
  },
  "timestamp": "2022-07-07T15:57:37+00:00"
}

Agent APIs

Agent APIs are endpoints that your system must implement and expose. RB7 calls these webhook paths on your side when wallet or user events happen during gameplay. This is the opposite direction of Game APIs, where your system calls RB7.

Agent onboarding

Before integrating Agent APIs, RB7 must provision your agent account. Your team provides the details RB7 needs to register callbacks; RB7 returns the credentials used on both sides of the integration.

  1. Submit agent details Send your agent name and webhook endpoint URL (base URL RB7 will call) to RB7.
  2. Receive credentials RB7 creates the agent and returns Agent ID, Secret Key, and Callback Key.
  3. Implement webhook paths Expose the Agent API paths documented below on your webhook endpoint and verify each request using your Callback Key.
Webhook authentication

Every Agent API request from RB7 includes a JWT in the Authorization header, signed with your Callback Key. Verify the signature before applying business logic. See the Authentication section for verify examples.

Important: webhook direction

Your team must prepare the paths listed below and handle requests exactly as documented. RB7 sends HTTP callbacks to your webhook URL. You validate the request, apply the business logic (for example credit adjustment), then return the expected HTTP status.

  • 1A player places a bet or a game event is settled on RB7.
  • 2RB7 sends a webhook request to your Agent API path (for example Update User Credit).
  • 3Your system updates the player wallet / user data and responds with HTTP 200 when accepted, or 400 / 500 when rejected.

🧪 Agent API test configuration

Configure your webhook base URL and a JWT signed with your Callback Key. Agent API Try It Out sections below send requests to your endpoint using these values.

Base URL RB7 calls. Paths such as /api/wallet/balance are appended automatically per endpoint.

JWT signed with your Callback Key (simulates RB7 calling your webhook). Sent in the Authorization header.

Agent API test configuration not saved

POSTUpdate User Credit

Update User Credit is a webhook endpoint that the agent must implement for RB7 to call. When a game transaction changes player credit, RB7 posts to this path on your system. If the user ID is valid, accept the request and adjust credit by the balance amount (positive or negative). To reject a request, return HTTP status 400 or 500 only.

Who implements this path?

You (the agent) host POST /api/wallet/balance on your backend. RB7 is the caller. Verify the JWT in the Authorization header using your Callback Key before updating credit. Make sure your integration covers every required field and response behavior in this section so wallet updates stay consistent.

POST /api/wallet/balance Webhook

Webhook for RB7 to update user credit on the agent system

Request Body Parameters

Parameter Type Required Description
userId number Required User ID
serviceName string Required Service name (e.g., 'aecasino', 'sa', 'pg')
balance number Required Update credit amount (positive/negative)
reference string Required Reference transaction ID
action string Optional Action type: bet, settle, cancel (Game Type casino or sport)
rawData object Optional Additional raw data from game provider

Action Field Values

The action field specifies the type of transaction. It is used for Game Type casino or sport. Additional action types may be available depending on the provider.

Important: The action field is used to describe the transaction type only, not to determine whether to add or deduct balance. The actual balance adjustment (add or deduct) is determined by the amount value sent: positive values add balance, negative values deduct balance.

Value Description
bet Used when a user places a bet. Deducts balance from user's wallet.
bet_settle Used when a bet is placed and settled in a single transaction. Deducts balance from user's wallet (negative amount).
settle Used when a bet is settled/won. Adds or deducts balance from user's wallet depending on the amount value (positive adds, negative deducts).
unsettle Used to reverse a settled bet. Deducts balance from user's wallet.
cancel Used when a bet is cancelled. Refunds balance to user's wallet.
rollback Used to rollback a transaction. Reverses the previous transaction.
tips Used when giving tips to dealer. Deducts balance from user's wallet.
cancel_tips Used when cancelling tips. Refunds tips balance to user's wallet.
adjust_balance Used to manually adjust user balance. Can be positive or negative.
promo Used for promotional credits (RB7 Casino only). Adds balance to user's wallet.

Note: Additional action types may be available depending on the provider. Please refer to your provider's documentation for the complete list of supported actions.

🧪 Try It Out

Uses your Agent API configuration (webhook URL + Callback Key JWT).

Configure Agent API test settings

Example Response

{
  "success": true
}

GETList Users

Retrieve a list of all users under your agent account.

GET /api/users Agent API

Get all users

🧪 Try It Out

Uses your Agent API configuration (webhook URL + Callback Key JWT).

Configure Agent API test settings

This endpoint requires no additional parameters.

Example Response

{
  "data": [
    {
      "id": 1,
      "username": "test",
      "firstName": "name",
      "lastName": "lastname",
      "credit": 1000.50
    }
  ]
}

GETGet User By ID

Retrieve detailed information about a specific user.

GET /api/users/{id} Agent API

Get user by ID

🧪 Try It Out

Uses your Agent API configuration (webhook URL + Callback Key JWT).

Configure Agent API test settings

Example Response

{
  "id": 1,
  "username": "test",
  "firstName": "name",
  "lastName": "lastname",
  "credit": 1000.50
}

Game Providers

List of supported game providers and their codes.

Casino Games

aeAE Casino
allbetAllbet
saSA Gaming
dgDream Game
wmWM Casino
afbcasinoAFB Casino
gd88GD88
evenbetEvenbet
rb7casinoRB7 Casino
prettygamingPretty Gaming

Slot Games

pragmaticPragmatic Play
pgPG Slot
jokerJoker
afbslotAFB Slot
amb-slotAMB Slot
amb-hacksawAMB Hacksaw Deprecated
amb-relaxAMB Relax
amb-nolimitAMB Nolimit
amb-918kissAMB 918Kiss Deprecated
amb-ace333AMB Ace333
amb-askmeplayAMB Askmeplay Deprecated
amb-amebaAMB Ameba
amb-slotxoAMB Slotxo
amb-simpleplayAMB Simpleplay Deprecated
amb-mannaplayAMB Mannaplay
amb-cq9AMB CQ9
amb-cgAMB Creative gaming
amb-live22AMB Live22
amb-netentAMB Netent Deprecated
amb-yggdrasilAMB Yggdrasil
amb-kingmakerAMB Kingmaker
rb7-slotRB7 Slot
spadegamingSpade Gaming
habaneroHabanero
rgslotRG Slot
jiliJili

Sports Betting

obetOBet Deprecated
wsWS Sportbook Deprecated
muayMuay Pakyok Deprecated
afbAFB1188 Deprecated
amb-sbobetAMB Sbobet Deprecated
onebxOne BX
rb7sportbookRB7 Sportbook

Lottery

rb7-lottoRB7 Lotto

Error Codes

Common HTTP error codes and their meanings in the RB7 API.

Status Code Error Description Common Causes
200 OK Request successful -
400 Bad Request Invalid request parameters Missing required fields, invalid data format
401 Unauthorized Authentication failed Invalid JWT token, expired token, missing Authorization header
403 Forbidden Access denied Insufficient permissions, IP whitelist restriction
404 Not Found Resource not found Invalid endpoint, user/game/transaction not found
500 Server Error Internal server error Unexpected server issues, contact support