Iframe Embedding

To launch a game for a user, embed the game via an iframe with a signed JWT token for authentication.

Getting the Token

Before embedding the game, you need to obtain a JWT token from your own backend:

1. Call your backend endpoint with proper authentication (user session, API key, etc.)
2. Your backend generates the JWT token using the process described in Token Generation
3. Use the returned token in the iframe URL

Basic Iframe Structure

<iframe src="https://games.phoenixbet.io/{game_id}?token={JWT_TOKEN}"></iframe>

Replace:

• {game_id} with the specific game identifier
• {JWT_TOKEN} with the token obtained from your backend

Demo Mode

To show the demo version of a game without authentication:

<iframe src="https://games.phoenixbet.io/{game_id}?demo=true"></iframe>

When demo=true is included as a query parameter:

• No JWT token is required
• The game runs in demo mode with virtual credits
• No real money transactions occur
• Perfect for testing or showcasing games to users

Recommended Configuration

Real Money Mode

<iframe 
  src="https://games.phoenixbet.io/{game_id}?token={token}"
  width="100%"
  height="600"
  frameborder="0"
  allowfullscreen>
</iframe>

Demo Mode

<iframe 
  src="https://games.phoenixbet.io/{game_id}?demo=true"
  width="100%"
  height="600"
  frameborder="0"
  allowfullscreen>
</iframe>

Responsive Design

For responsive layouts, use CSS:

.game-container {
  position: relative;
  width: 100%;
  height: 0;
  padding-bottom: 56.25%; /* 16:9 aspect ratio */
}

.game-container iframe {
  position: absolute;
  top: 0;
  left: 0;
  width: 100%;
  height: 100%;
}

Environments

Phoenix Games operates in two environments:

Use staging for development and testing, production for live operations.

Security Notes

• Never expose JWT tokens in client-side JavaScript variables
• Validate user sessions before requesting tokens from your backend
• Set appropriate iframe sandbox attributes if needed for additional security
• Use HTTPS for all iframe sources