Help Centre

How the Platform Works

ArcadeAPI sits between your platform and our game network. Here's the full data flow:

Your Platform  →  ArcadeAPI Relay  →  Game Network Servers
     (encrypt with your key)  →  (re-encrypt for network)  →  Game URL returned

Game Network Callback (bet data)  →  ArcadeAPI  →  Your callback_url
     (decrypt network payload)  →  (re-encrypt with your key)  →  forwarded to you

This means you never interact with our upstream provider directly. You use your own agency_uid and aes_key that we issue. We transparently relay and re-encrypt everything.

Your Credentials

Once your account is approved, you'll receive three values in the Client Portal under API Docs:

Quick Start

Here's the minimum to get a player into a game:

1. Get your credentials from the Client Portal

{
  "agency_uid": "your-agency-uid-here",
  "aes_key": "your-32-char-aes-key-here",
  "server_url": "https://your-arcadeapi-domain.com"
}

2. Encrypt your payload and call /api/game/v1

// PHP example
$payload = json_encode([
    'agency_uid'     => 'your-agency-uid',
    'member_account' => 'prefix_username',  // 4-20 chars, alphanumeric
    'game_uid'       => '1',
    'credit_amount'  => '100',
    'currency_code'  => 'USD',
    'language'       => 'en',
    'timestamp'      => (string)(time() * 1000),
]);
$encrypted = base64_encode(openssl_encrypt($payload, 'AES-256-ECB', $aesKey, OPENSSL_RAW_DATA));

$response = Http::post("$serverUrl/api/game/v1", [
    'agency_uid' => $agencyUid,
    'timestamp'  => (string)(time() * 1000),
    'payload'    => $encrypted,
]);

3. Receive the game URL

{
  "code": 0,
  "msg": "",
  "payload": {"game_launch_url": "https://game.provider.com/launch?..."}
}

Authentication & Encryption

Every API request uses AES-256-ECB encryption with PKCS7 padding, Base64 encoded. The encryption key is your aes_key.

The request body always has three top-level fields:

PHP Encrypt/Decrypt

// Encrypt
$encrypted = base64_encode(openssl_encrypt(
    $jsonString,
    'AES-256-ECB',
    $aesKey,
    OPENSSL_RAW_DATA
));

// Decrypt
$decrypted = openssl_decrypt(
    base64_decode($encryptedString),
    'AES-256-ECB',
    $aesKey,
    OPENSSL_RAW_DATA
);

JavaScript Encrypt/Decrypt (CryptoJS)

// npm install crypto-js
const CryptoJS = require('crypto-js');

function encrypt(data, key) {
    const k = CryptoJS.enc.Utf8.parse(key);
    return CryptoJS.AES.encrypt(JSON.stringify(data), k, {
        mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7
    }).toString();
}

function decrypt(cipher, key) {
    const k = CryptoJS.enc.Utf8.parse(key);
    return JSON.parse(CryptoJS.AES.decrypt(cipher, k, {
        mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7
    }).toString(CryptoJS.enc.Utf8));
}

1. Get Game URL (Seamless Wallet)

Use this endpoint to launch a game for a player. In Seamless mode, your platform manages the wallet — our game network will call your callback_url with bet/win data.

{
  "code": 0,
  "msg": "",
  "payload": {"game_launch_url": "https://..."}
}

2. Receive Bet Data (Seamless Callback)

The game network will POST to your callback_url when a player places a bet or wins. Your server must respond within a few seconds with an encrypted payload containing the player's updated balance.

// Decrypt, adjust balance, return encrypted new balance
{
  "code": 0,          // 0=success, 1=failure (server will retry)
  "msg": "",
  "payload": "<AES256EncryptionResult>"  // of {"credit_amount":"1000","timestamp":"..."}
}

3. Get Game URL (Transfer Wallet)

In Transfer mode, the game network manages the wallet balance. You deposit/withdraw via the same endpoint — no callback needed.

4. Get Transaction Records

5. Get Providers

6. Get Game List

PHP — Full Integration Example

<?php

class ArcadeApiClient {
    private string $serverUrl;
    private string $agencyUid;
    private string $aesKey;

    public function __construct(string $serverUrl, string $agencyUid, string $aesKey) {
        $this->serverUrl = rtrim($serverUrl, '/');
        $this->agencyUid = $agencyUid;
        $this->aesKey    = $aesKey;
    }

    private function encrypt(array $data): string {
        return base64_encode(openssl_encrypt(
            json_encode($data), 'AES-256-ECB', $this->aesKey, OPENSSL_RAW_DATA
        ));
    }

    private function decrypt(string $payload): ?array {
        $raw = openssl_decrypt(base64_decode($payload), 'AES-256-ECB', $this->aesKey, OPENSSL_RAW_DATA);
        return $raw ? json_decode($raw, true) : null;
    }

    private function post(string $path, array $innerPayload): array {
        $body = [
            'agency_uid' => $this->agencyUid,
            'timestamp'  => (string)(time() * 1000),
            'payload'    => $this->encrypt($innerPayload),
        ];
        $ch = curl_init($this->serverUrl . $path);
        curl_setopt_array($ch, [
            CURLOPT_POST           => true,
            CURLOPT_POSTFIELDS     => json_encode($body),
            CURLOPT_HTTPHEADER     => ['Content-Type: application/json'],
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_TIMEOUT        => 30,
        ]);
        $result = curl_exec($ch);
        curl_close($ch);
        return json_decode($result, true) ?? [];
    }

    public function getGameUrl(string $memberAccount, string $gameUid, float $balance, string $currency = 'USD'): ?string {
        $result = $this->post('/api/game/v1', [
            'agency_uid'     => $this->agencyUid,
            'member_account' => $memberAccount,
            'game_uid'       => $gameUid,
            'credit_amount'  => (string)$balance,
            'currency_code'  => $currency,
            'language'       => 'en',
            'timestamp'      => (string)(time() * 1000),
        ]);
        return $result['payload']['game_launch_url'] ?? null;
    }

    // Handle incoming callback from the game network
    public function handleCallback(array $post, callable $walletUpdater): array {
        $inner = $this->decrypt($post['payload']);
        if (!$inner) return ['code' => 1, 'msg' => 'decrypt failed', 'payload' => ''];

        // $walletUpdater(member, bet, win) => new balance
        $newBalance = $walletUpdater($inner['member_account'], $inner['bet_amount'], $inner['win_amount']);

        return [
            'code'    => 0,
            'msg'     => '',
            'payload' => $this->encrypt([
                'credit_amount' => (string)$newBalance,
                'timestamp'     => (string)(time() * 1000),
            ]),
        ];
    }
}

// Usage
$client = new ArcadeApiClient('https://arcadeapi.yourdomain.com', 'your-uid', 'your-32char-key');
$url = $client->getGameUrl('myop_player1', '1368367', 1000.00, 'USD');
header("Location: $url");

JavaScript (Node.js) — Example

const CryptoJS = require('crypto-js');
const axios    = require('axios');

const AES_KEY    = 'your-32-character-aes-key-here!!';
const AGENCY_UID = 'your-agency-uid';
const SERVER_URL = 'https://arcadeapi.yourdomain.com';

function encrypt(data) {
    const key = CryptoJS.enc.Utf8.parse(AES_KEY);
    return CryptoJS.AES.encrypt(JSON.stringify(data), key, {
        mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7
    }).toString();
}

async function getGameUrl(memberAccount, gameUid, balance, currency = 'USD') {
    const payload = encrypt({
        agency_uid: AGENCY_UID, member_account: memberAccount,
        game_uid: gameUid, credit_amount: String(balance),
        currency_code: currency, language: 'en',
        timestamp: String(Date.now()),
    });
    const { data } = await axios.post(`${SERVER_URL}/api/game/v1`, {
        agency_uid: AGENCY_UID,
        timestamp: String(Date.now()),
        payload,
    });
    return data?.payload?.game_launch_url;
}

Error Codes

Wallet Modes

Plans & Support

Minimum game credit deposit: 500 USDT (game credit wallet, separate from setup fee).

See full pricing details →

Frequently Asked Questions

Can I contact the game network directly?

No. ArcadeAPI holds exclusive enterprise-level reseller rights with our game network provider. All communications, transactions, and support go through us — this is how we provide a clean, unified API at a fraction of the direct access cost.

What is the member_account format?

It must be 4–20 characters, using only a-z and 0-9. We recommend a prefix unique to your platform (e.g., myop_player1). Never use the same member_account across different agencies.

What happens if I get the same serial_number in a callback?

Return code: 0 with the latest balance immediately. The same serial_number means the game server is retrying a callback that didn't get a valid response. Do not process the bet again.

Can I use the same game for multiple players simultaneously?

Yes. Each game_uid can be opened by any number of players simultaneously with different member_account values.

How do I set up 2FA on my account?

Go to Security (2FA) in the Client Portal sidebar. Scan the QR code with Google Authenticator or Authy, enter the 6-digit code to confirm, and 2FA will be enabled for all future logins.

What currencies are supported?

USD, INR, BDT, PHP, THB, VND, MYR, IDR, and more. Use the GET /api/game/providers endpoint with a currency filter to see which providers support your currency.