Skip to main content
This guide walks you through everything you need to go from a fresh integration to a working game launch. By the end you will have verified your signing logic, confirmed that your callback service is responding correctly, and seen the Game List and User Auth APIs in action.

Integration Steps

1

Obtain your credentials

Contact iGamingAce to begin your licensee onboarding. You will receive:
  • API token — included in every request you make to iGamingAce.
  • Secret key — used locally to compute the sign parameter. Never send this over the wire.
  • Base URL — the iGamingAce endpoint you will call (for example, https://api.igamingace.com).
You must also provide iGamingAce with the base URL of your callback service (for example, https://merchant.com/callbackService). iGamingAce uses this URL to call your wallet endpoints during gameplay.
Keep your secret key in a secrets manager or environment variable. Do not commit it to source control.
2

Compute your data sign

When iGamingAce send callback to the Licensee server, we are using asign field computed as an HMAC-SHA-256 digest of a concatenated string of the request parameters. The result is 64 uppercase hexadecimal characters. The exact parameter order differs per endpoint and is specified in each endpoint’s reference page. The key is your secret key. Amount values must always be formatted to exactly two decimal places (for example, 12.30, not 12.3).Formula:
sign = HMAC-SHA256(secretKey, param1 + param2 + ... + paramN).toUpperCase()
Code examples:
public static string GetSign(string key, string message) {
    System.Security.Cryptography.HMAC hmac =
        System.Security.Cryptography.HMAC.Create("HMACSHA256");
    hmac.Key = System.Text.Encoding.UTF8.GetBytes(key);
    byte[] hash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(message));
    return BitConverter.ToString(hash).Replace("-", "").ToUpperInvariant();
}
Test vector — validate your implementation:
ParameterValue
agentIDPartner01
userIDPlayer01
amount12.30
transactionID474e1a293c2f4e7ab122c52d68423fcb
roundIDab9c15f2efdd46278e4a56b303127234
Secret Key: 1234567890Concatenated message:
Partner01Player0112.30474e1a293c2f4e7ab122c52d68423fcbab9c15f2efdd46278e4a56b303127234
Expected sign:
475D834ACC3AB61D7DF4EA42751C6275387BC1787A098D2D0E091698D9BF2043
If your computed sign does not match this value exactly, do not proceed. Check your string concatenation order, UTF-8 encoding, and that you are not adding any separators between parameter values.
3

Implement your callback service

iGamingAce calls your callback service during every game round. You must implement all five endpoints at your callback base URL. Each endpoint accepts HTTP POST with a JSON body.
EndpointPurpose
GetBalanceReturn the player’s current wallet balance
WithdrawDebit the player’s wallet (player places a bet)
DepositCredit the player’s wallet (player receives a win)
BetWinDebit and credit in a single atomic transaction
RollbackTransactionReverse a previously posted transaction
Your callback service must always respond with HTTP 200. Business errors — such as insufficient funds — must be reported as HTTP 200 with the appropriate result code in the JSON body, not as HTTP 4xx or 5xx.See the callback service guide for the full request and response schema for each endpoint.
4

Call the Game List API

Once your credentials are in place, call the Game List API to retrieve the full catalog of games available under your license.Store or cache the game list to populate your lobby. See the Game List API reference for the complete field descriptions and sign parameter order.
5

Launch a game

When a player chooses a game, call the User Auth API to generate an authenticated launch URL. Redirect the player’s browser to the returned URL.Redirect the player to gameURL. The URL is short-lived, so redirect immediately after receiving it. See the User Auth API reference for all supported parameters, including language options and return URL configuration.