Skip to content

Generating the Signature

To securely authenticate the iframe, the casino must generate a signature that will be included in the iframe URL. This signature ensures that the request is genuine and authorized, preventing tampering or misuse.

Signature Generation Workflow

  1. Collect the Required Parameters: The signature is generated using the following parameters, which are passed in the iframe URL:
    • casino: The unique identifier for the casino (assigned by LoyaltyGyre).
    • player: The player’s unique ID.
    • balance: The player’s credits balance.
    • box: The ID of the box to be displayed or interacted with.
    • timestamp: The current timestamp in UTC (format: YYYY-MM-DD HH:MM:SS).
  2. Create the Encoded Payload: The parameters must be arranged in alphabetical order by key, joined using the | (pipe) character. After the parameters, append the API key using a ; (semicolon). The encoded payload format is: 
    balance|box|casino|player|timestamp;API_KEY
  3. Generate the SHA-256 Hash: The signature is generated by hashing the encoded payload using the SHA-256 algorithm. This hash serves as the signature.

Example: Signature Generation

const crypto = require('crypto');

const apiKey = 'd41d8cd98f00b204e9800998ecf8427e';

const player = 'a8197e6b-96b5-433d-8e27-faf3748f8a03';
const balance = 102.99;
const box = 58;
const casino = 'b093b6bf-104b-483c-99bb-096bca9df9d1';
const timestamp = '2024-05-24 10:01:19';

// Join the parameter in keys' alphabetical order, and append the API Key
const encodedPayload = `${balance}|${box}|${casino}|${player}|${timestamp};${apiKey}`;

// Generate the SHA-256 hash (signature)
const signature = crypto
  .createHash('sha256')
  .update(encodedPayload)
  .digest('hex');

$apiKey = 'd41d8cd98f00b204e9800998ecf8427e';

$player = 'a8197e6b-96b5-433d-8e27-faf3748f8a03';
$balance = 102.99;
$box = 58;
$casino = 'b093b6bf-104b-483c-99bb-096bca9df9d1';
$timestamp = '2024-05-24 10:01:19';

// Join the parameter in keys' alphabetical order, and append the API Key
$encodedPayload = "{$balance}|{$box}|{$casino}|{$player}|{$timestamp};{$apiKey}";

// Generate the SHA-256 hash (signature)
$signature = hash('sha256', $encodedPayload);