Skip to content

Integration Options

Audience: Customer's CTO / lead architect doing a technical fit assessment. Read with key-features.md and ../architecture.md. Format: Each option lists current maturity, integration cost (S/M/L), and which file owns the abstraction so you can evaluate effort before kick-off. Monthly OpEx for each provider: see infrastructure-cost.md §3 — sourced public pricing per scaling scenario. Operational vendor prerequisites (lead times, sandbox access, how to obtain): ../delivery/prerequisites.md §2.

Maturity legend — applied per option: - production-grade — wired, exercised, has flow doc and/or runbook coverage. - scaffolded — code present and importable but not exercised by dropbet's primary flows. - stub — placeholder; explicit disabled or empty implementation.

Integration cost legend — for swapping or extending: - S — config + secrets only, no new code (≤ 1 week). - M — adapter + tests + admin UI tweaks (2–6 weeks). - L — new module, new contracts, new compliance review (8+ weeks).

1. White-label deployment

Evospin ships as a single-tenant, full-stack white-label. One Evospin deployment serves one operator brand. No multi-tenant sharing of player tables.

What's customisable Where Cost
Brand name, logo, colour palette ebit-fe/src/styles/ (Tailwind config) + ebit-fe/public/ assets S
Locales Add a JSON in ebit-fe/messages/<locale>.json, register in next-intl config (src/i18n/). EN + DE ship today S/M
Currency catalogue apps/api/src/accounting/ registry; FE display via ExchangeRatesService.toUsd() M
Country / geo gating apps/api/src/country/ allow / deny lists S
Captcha keys, payment provider keys, Sumsub keys, SMTP, Sentry DSN Doppler / .env — see ../env-reference.md S
Feature flags apps/api/src/site-config/ runtime toggles S
Email templates apps/api/src/external-notification-sender/ SMTP fan-out templates M

Maturity: production-grade. Cost: S–M to customise, L only if you fork the FE design system.

2. API-only consumption

A customer can build their own frontend (mobile app, custom web client, partner brand) on top of ebit-api directly. The HTTP surface is OpenAPI-documented at /swagger on port 4000.

Surface Where Notes
Player REST API apps/api/src/**/*.controller.ts (non-admin) Documented at ../api-reference/api.md; all routes JWT-guarded
Auth flow ../api-reference/auth-flow.md JWT in cookies (or Authorization header for non-browser clients)
WebSocket events apps/rt/src/gateway/events.ts Catalogue at ../api-reference/rt-events.md; namespace /events, websocket-only
Admin REST API apps/bo/src/ + apps/api/src/**/admin.*.controller.ts Separate Swagger; permission-guard-gated
Postman collection ../api/ Generated from OpenAPI

Maturity: production-grade. Cost: S — clients consume the same endpoints ebit-fe consumes.

3. Payment provider — swap or add

Three integrations live side-by-side under apps/api/src/payment/provider/integration/, all aggregated by PaymentProviderModule (payment-provider.module.ts):

Provider Code path Maturity Cost to swap to a new provider
CCPayment (default crypto) apps/api/src/payment/provider/integration/ccpayment/ (ccpayment.module.ts, ccpayment.service.ts, ccpayment-webhook.controller.ts, ccpayment-webhook.service.ts) production-grade
NowPayments apps/api/src/payment/provider/integration/nowpayments/ (nowpayments.service.ts, nowpayments-webhook.service.ts, nowpayments-api.service.ts, dto/) production-grade
SkinDeck apps/api/src/payment/provider/integration/skindeck/ scaffolded

Abstraction: each integration is its own NestJS module with *.service.ts (deposit/withdraw API calls) and *-webhook.controller.ts + *-webhook.service.ts (signature verification + ledger write). They don't share a unified interface today — PaymentProviderModule just imports all three; PaymentProviderService is the single export. The pattern is "add a new module beside the existing ones" rather than "implement an IPaymentProvider interface".

Cost to add a new payment provider: M — copy one of the three modules (CCPayment is the most complete reference), wire its *.module.ts into PaymentProviderModule.imports, and add the webhook controller path to the public route list. Webhook signature verification is per-provider (no shared helper).

Recurring fees: CCPayment 0.2 % service fee · NOWPayments 0.5 % single-currency / 1 % auto-convert · Skindeck {{Quote-only}}. See infrastructure-cost.md §3.12–3.14 + §5.

4. Game provider integration

Adapter-style: each provider is a NestJS module under apps/api/src/casino/slots/providers/<name>/ with a launch service + a wallet callback controller.

Provider Code path Maturity What ships
Softswiss apps/api/src/casino/games/api/softswiss/ (CDN catalogue) + apps/api/src/casino/games/service/hydrate-softswiss.service.ts production-grade Catalogue hydration (sub-vendor list, asset CDN), no wallet callback (Softswiss is catalogue-only in this code)
PM8 apps/api/src/casino/slots/providers/pm8/ (pm8.module.ts, pm8-launch.service.ts, pm8.controller.ts, api/pm8-api.module.ts) production-grade Launch URL signing + wallet callback
BGaming apps/api/src/casino/slots/providers/bgaming/ (api/bgaming-api.service.ts, wallet/bgaming.wallet.controller.ts, wallet/bgaming.wallet.service.ts, wallet/dev-proxy.wallet.controller.ts) production-grade Launch + wallet + dev-proxy for testing
ST8 apps/api/src/casino/slots/providers/st8/ scaffolded TBD coverage depth
EvoGames apps/api/src/casino/slots/providers/evogames/ scaffolded Adapter present; not wired into dropbet primary flows (separate from the orphan apps/bj)
Common scaffolding apps/api/src/casino/slots/providers/common/ Shared HMAC / signature / error helpers

Pattern: Each provider module exports a launch service (used by slot-games.service.ts to mint a play URL) and a wallet controller (handles getBalance, bet, win, rollback callbacks from the provider). Wallet callbacks write to the same bet/ pipeline used by house games, so settlement / GGR / leaderboard work identically.

Cost to add a new game provider: M–L — depending on the wallet protocol (one-step vs round-based). PM8 is a typical reference (~1,000 LoC for the full module); a complex provider with round IDs and refunds is closer to L.

Recurring fees: all five providers are {{Quote-only — typical 10–20 % rev-share on GGR}} with optional setup ($0–$25k) and monthly minimums ($0–$2.5k). See infrastructure-cost.md §3.10.

5. KYC provider — swap

Single integration today: Sumsub.

Layer Code path
Public façade apps/api/src/kyc/kyc.module.ts, kyc.service.ts, kyc-crud.service.ts, kyc.repository.ts, kyc.controller.ts
Sumsub-specific apps/api/src/kyc/sumsub/sumsub.service.ts, sumsub.dto.ts, utils.ts
Webhook controller apps/api/src/kyc/controller/

Maturity: production-grade (Sumsub).

Cost to swap to a different KYC provider (Onfido, Jumio, Veriff, etc.): M. The kyc.service.ts façade defines the application-side contract; sumsub/ is the adapter. A swap means writing a sibling <provider>/ adapter, replacing the Sumsub references inside kyc.service.ts with a thin strategy switch (or replacing it outright if you're committing to a single new provider), and writing a new webhook controller.

Recurring fees: Sumsub Basic $1.35/verification ($149 monthly minimum) · Compliance $1.85 ($299 minimum) · Enterprise {{Quote-only}}. Single-biggest variable cost line at Scale — see infrastructure-cost.md §3.5.

Cost to run two KYC providers concurrently (e.g. for jurisdictional fan-out): L. Today the service has a single in-line dependency on Sumsub; multi-provider routing is not abstracted.

6. Auth provider

Auth method Code path Maturity Cost
Email + password (JWT cookies) apps/api/src/auth/auth.controller.ts, auth.service.ts, cookies.ts, strategies/jwt.strategy.ts, strategies/jwt-refresh-strategy.ts production-grade
API key (S2S) apps/api/src/auth/strategies/api-key.strategy.ts, apps/api/src/api-key/ production-grade
Google OAuth apps/api/src/auth/strategies/google.strategy.ts; auth.service.ts:handleSuccessfulOAuthLogin; auth.controller.ts:setupUsernameAfterOAuthRegistration; passport-google-oauth2 in package.json scaffolded — strategy registered, callback endpoint exists, but operator must provide client ID / secret + verify production callback URL + finish FE wiring S–M
Steam OAuth apps/api/src/auth/strategies/steam/ scaffolded S–M
TOTP 2FA apps/api/src/auth/guards/, OtpGuard production-grade

Cost to add a new social provider (e.g. Apple, Twitter): M — implement a Passport strategy, register it in auth.module.ts, add the FE button + callback handler. The pattern follows google.strategy.ts.

7. Captcha provider

Provider Code path Maturity Notes
GeeTest v4 (primary) apps/api/src/captcha/geetest/geetest-captcha.service.ts production-grade Sliding-puzzle captcha; deduped via Redis cache key (recaptcha:<sha256(pass_token)>); validates against gcaptcha4.geetest.com/validate
reCAPTCHA (fallback) apps/api/src/captcha/google/recaptcha.guard.ts, recaptcha.module.ts production-grade Default Google reCAPTCHA path; is-capture-on: off header bypasses the gate when NODE_ENV=local — used for E2E and dev. Don't ship that flag in prod traffic

Cost to swap captcha providers (hCaptcha, Cloudflare Turnstile): S. The captcha service exposes a single validate() method behind a guard. Replace the HTTP call to the new provider's /validate endpoint and update the cache-key prefix.

Recurring fees: reCAPTCHA Enterprise free up to 10k assessments/mo, then $1/1k · GeeTest {{Quote-only}}. See infrastructure-cost.md §3.6–3.7.

8. SMTP / email provider

What Code path Cost
Email fan-out (verify, reset, welcome) apps/api/src/external-notification-sender/ S — config-only swap (provider URL + API key in .env)
Templates Same module M — if you customise per-locale or add new event types

Maturity: production-grade.

Recurring fees: SendGrid Essentials $19.95/mo (100k emails) → Pro $89.95 (2.5M) → Premier custom. See infrastructure-cost.md §3.4.

9. Telegram

What Code path Maturity Cost
Telegram bot endpoints apps/api/src/telegram/ scaffolded — endpoints exist; integration depth depends on operator's bot config S

10. Observability fan-out

The OTel collector is the single egress point. Anything that speaks OTLP can be added as a downstream exporter.

What Where Cost
Trace / metric / log destination swap (Datadog, New Relic, Honeycomb, Grafana Cloud) observability/otel-collector.yml (collector exporter list) S — add an exporter block, point a pipeline at it. Self-host stack still ships in compose; the collector fans out.
Add custom dashboards Grafana provisioning under observability/ S

Maturity: production-grade. See ../observability.md.

11. RabbitMQ / FastTrack

What Code path Maturity Cost
FastTrack bonus tracker producer apps/api/src/fast-track/rabbitmq/fast-track.rmq.module.ts stubdisabled = true at line 8; the module returns a no-op producer M to enable: implement the producer, declare events, point at FastTrack's vhost. RabbitMQ broker is already in compose (vhost=ft, 5672, UI 15672)

If your operator setup doesn't need FastTrack, leave the stub in place. RabbitMQ runs but receives zero traffic.

12. Sportsbook

Evospin's sportsbook layer (apps/api/src/sportbook/) is a proxy for an external odds engine. The operator brings the upstream sportsbook contract.

Surface Where Cost
Upstream odds engine external L — sportsbook providers vary widely; integration scope depends on the contract
S2S auth / actions apps/api/src/sportbook/s2s/, apps/api/src/sportbook/actions/ M — wire the operator's chosen sportsbook to the existing S2S contracts

13. What's not an integration option (today)

These are explicit non-goals or known gaps:

  • Multi-tenancy — one Evospin deployment = one operator. Don't try to share a Postgres across customers; the schemas are not tenant-scoped.
  • Self-hosted blockchain RNG fallback — speed-roulette is hard-bound to EOS (Wax / Jungle). Replacing the chain is L.
  • apps/bj (orphan) for dropbet traffic — the standalone blackjack server with the EVO-Games external-wallet path is not wired to dropbet. Treat it as roadmap work, not a configuration switch.
  • OpenAPI-driven SDK generation — the OpenAPI is published; an SDK generator pipeline is not yet shipped (TBD in ../api/).