Connect API

Connect API Reference - Operator API

Authentication Specification

Overview

Implement an authentication mechanism using clientKey and clientSecret to obtain a valid JWT token.

Requirements

Credentials:
- clientKey: A unique identifier for the client.
- clientSecret: A secret associated with the clientKey used for verification.
Security Considerations
- Ensure clientSecret is stored securely and transmitted over HTTPS.
- Implement rate limiting to protect against brute force attacks.

Authenticates the client using the provided credentials.

post

This endpoint is used to authenticate clients by validating their credentials (key and secret). On success, an access token and a refresh token are returned. These tokens are used for authorized access to the protected API endpoints.

Authorizations

AuthorizationstringRequired

REQUIRED - JWT Authorization header using the Bearer scheme. All API endpoints require authentication, except for authentication endpoints (Connect/authentication). Example: "Authorization: Bearer {token}"

Query parameters

api-versionstringOptional

Body

clientKeystring | nullableOptional

clientSecretstring | nullableOptional

Responses

200

Authentication was successful. The response includes the access and refresh tokens.

400

If the credentials are invalid or the request is malformed.

post

/Connect/authentication

POST /Connect/authentication HTTP/1.1
Host: operator-api.mgm.bingaodobrasil.com.br
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 42

{
  "clientKey": "text",
  "clientSecret": "text"
}

{
  "accessToken": "text",
  "refreshToken": "text",
  "expiresIn": 1,
  "validFrom": "2026-01-01T22:49:14.055Z",
  "validTo": "2026-01-01T22:49:14.055Z"
}

PreviousIntegration Workflow NextPlayer Authenticate API

Last updated 6 months ago

Authentication Specification

Overview

Requirements

Security Considerations

Authenticates the client using the provided credentials.