Game API
Core B2B integration methods: operator authentication, authorization, and iframe launch payload resolution.
Operator Authenticate
- Method
- POST
- Path
- /api/v1/operator/auth/authenticate
- Auth
- X-Rollix-Signature required when signature mode is enabled
- Headers
Content-Type: application/json
X-Rollix-Signature: <signature>
Request Body
{
"operatorId": "operator",
"apiKey": "operator-secret"
}Success Response (200)
{
"status": "ok",
"operatorId": "operator"
}Error Codes
Operator Authorize Launch Scope
- Method
- POST
- Path
- /api/v1/operator/auth/authorize
- Auth
- X-Rollix-Signature required when signature mode is enabled
- Headers
Content-Type: application/json
X-Rollix-Signature: <signature>
Request Body
{
"operatorId": "operator",
"playerId": "player-123",
"gameId": "1"
}Success Response (200)
{
"status": "ok",
"scope": "launch"
}Error Codes
OAuth Token (client_credentials / refresh_token)
- Method
- POST
- Path
- /api/v1/operator/oauth/token
- Auth
- Client credentials (Basic auth or form client_id/client_secret)
- Headers
Content-Type: application/x-www-form-urlencoded
Authorization: Basic <base64(client_id:client_secret)>
Request Body
grant_type=client_credentials&scope=launch
or
grant_type=refresh_token&refresh_token=<refresh_token>Success Response (200)
{
"access_token": "<jwt-or-random-token>",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "<refresh-token>"
}Error Codes
List Operator Games
- Method
- GET
- Path
- /api/v1/operator/games
- Auth
- X-Rollix-Signature required when signature mode is enabled
- Headers
Content-Type: application/json
X-Rollix-Signature: <base64-rsa-sha256-signature>
Request Body
N/A (query params)
operatorId=535895aa-c06e-4d91-b1f6-e5a85b55049eSuccess Response (200)
{
"locale": "en",
"fallback": false,
"games": [
{
"gameId": "1",
"name": "Slotix",
"provider": "rollix",
"type": "slot",
"status": "active",
"rtp": 96.0,
"rtpProfile": "base_96",
"volatilityProfile": "medium",
"mathVersion": "math-v1",
"configVersion": "cfg-v1",
"supportedCurrencies": ["USD", "EUR"],
"rows": 5,
"cols": 5,
"supportedModes": ["demo", "real"],
"launchReady": true,
"badges": ["operator-ready", "bonus-engine-ready"]
}
]
}Error Codes
Get Runtime Manifest
- Method
- GET
- Path
- /api/v1/operator/games/runtime-manifest
- Auth
- X-Rollix-Signature required when signature mode is enabled
- Headers
Content-Type: application/json
X-Rollix-Signature: <base64-rsa-sha256-signature>
Request Body
N/A (query params)
operatorId=535895aa-c06e-4d91-b1f6-e5a85b55049eSuccess Response (200)
{
"manifestVersion": "v1",
"generatedAt": "2026-05-23T00:00:00Z",
"games": [
{
"gameId": "1",
"launchReady": true,
"runtimeConfigVersion": "cfg-v1"
}
]
}Error Codes
Resolve Iframe Launch (Demo)
- Method
- GET
- Path
- /api/v1/operator/iframe/demo/{launchToken}
- Auth
- Launch token required in path
- Headers
Origin: https://your-casino.example
Request Body
N/ASuccess Response (200)
{
"operatorId": "operator",
"playerId": "player-123",
"gameId": "1",
"sessionId": "session-abc",
"token": "access-token",
"currency": "USD",
"backendUrl": "https://api.rollix.io",
"allowedParentOrigins": ["https://your-casino.example"],
"expiresAt": "2026-05-17T12:00:00Z"
}Error Codes
Resolve Iframe Launch (Real)
- Method
- GET
- Path
- /api/v1/operator/iframe/real/{launchToken}
- Auth
- Launch token required in path
- Headers
Origin: https://your-casino.example
Request Body
N/ASuccess Response (200)
{
"operatorId": "operator",
"playerId": "player-123",
"gameId": "1",
"sessionId": "session-abc",
"token": "access-token",
"currency": "USD",
"backendUrl": "https://api.rollix.io",
"allowedParentOrigins": ["https://your-casino.example"],
"expiresAt": "2026-05-17T12:00:00Z"
}Error Codes