When the game is opened, Naga Games receives a game URL that includes an identity token (Player Token) generated by operators. Naga Games then uses this token to request Operators for player authentication.
Read Me First!
An operator must generate X-Signature based on their input data before sending the request.
Please Refer ➡️ How to generate signature and data hash for Transfer mode?
An operator must process the data in the same order ( data order and the number of data fields passed ) as specified by Naga Games to get the result from the API. Please make sure that the signature generated is valid before requesting, as different data will generate different signature and will result in error ( happens if any order or any data is missing or invalid during the signature generation process ).
Please Refer ➡️ Data Order before Stringify & Hashing
/* JAVASCRIPT EXAMPLE */ // Example for request data const payload = { playerToken: '70bc0b625956e9fd48838d3046c380bb', gameCode: 'persian-gems', brandCode: 'srot', groupCode: 'dpae', } //To ensure accurate results when using this API. //The operator must create an instance of the generateSignatureExample() function. //Prior to employing the API, it is necessary to generate the signature using the newly implemented function since it provides a guaranteed output and response. const signature = generateSignatureExample(payload);
Request
API URL : {OperatorAPIDomain}/{OperatorEndpoint}
HTTP Method : POST
Header Parameter:
- X-Signature (String) - Required
Must be generated from signing process with correct order of data fields & secretKey.
Body Parameters:
- data (JSON)
Must contain all fields below.
| Parameter Name | Description | Data type | Required |
|---|---|---|---|
| playerToken | Unique token of the player | String (length: 255) | Yes |
| gameCode | Unique code name of the game | String (length: 255) | Yes |
| brandCode | Unique code name of a brand | String (length: 4) | Yes |
| groupCode | Unique code name of a group | String (length: 4) | Yes |
- dataHash (String) - Required
The request data coming from Naga Games would be hashed using SHA-256 as a data checksum.
Example
curl --request POST \
--url https://api-demo-operator.stg.game.topplatform.asia/vendor/auth \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--header 'x-signature: 6c662e391671c7333fb3cbf959b6b4414f5478d968ac9aa7c11a201cb3e5aee9' \
--data '
{
"data": {
"playerToken": "70bc0b625956e9fd48838d3046c380bb",
"gameCode": "persian-gems",
"brandCode": "srot",
"groupCode": "dpae"
},
"dataHash": "b9a1a8af277f65d3852fa15db3719b625b7edf0b1378ab5732dfe0bd0af91a03"
}
'
Response
Data Parameters:
| Parameter Name | Description | Data type |
|---|---|---|
| nativeId | Identifier of the player in Operator’s system | String (length: 255) |
| currency | Currency of the player | String |
| balance | Set this value to 0 on transfer mode. | number |
Example
Success Response Example (HTTP status code 200)
{
"data": {
"nativeId": "TRpl2",
"currency": "IDR",
"balance": 0
}
}
Failure Response Example (HTTP status code 404)
{
"data": null,
"error": {
"statusCode": 404,
"message": "User Not Found"
}
}