Integration guide
Environments
Integration uses test and production environments. Validate in test before going live. Merchant portal URLs, API endpoints, and OAuth URLs differ by environment.
Become a developer
Contact platform BD or operations for merchant portal credentials.
Create and maintain games in the merchant portal
- Log in with credentials from the platform and obtain
client_id,client_secret, and other required fields.
| Environment | Merchant portal |
|---|---|
| Test | http://up-gameplatform.pengpengla.com |
| Production | http://gameplatform.upliveapp.com |
One developer account can create multiple games.
When creating a game, provide name, URL, icon, and target countries/regions (checkboxes).
- For security, the game URL domain must match the callback domain configured for your developer account.
Server-side OAuth / API
Use server APIs for user profile, U Diamond/gold balance, and credit/debit. See OAuth and API List.
Never expose
client_secretor useraccess_tokento the client. Manage them on your server to avoid data leaks. Developers are responsible for losses caused by exposure.
Web JSSDK
Use JSSDK for login redirect and recharge flows. See JSSDK.
Brand packages (feature)
When entering a game inside the client, after authorization the platform appends feature to the game callback URL. If present, preserve feature across subsequent redirects.
| Brand | feature | U Diamond example | Asset |
|---|---|---|---|
| Uplive | (none) |  |
Download |
| Bubbly | 777 |  |
Download |
| Haya | 6666 |  |
Download |
Uplive is the default when feature is missing or unknown.
Notes
- All SDK methods depend on
init; callopenSdk.initfirst. See JSSDK. - Enable gzip and resource caching for performance.
- Call
openSdk.pingafter login for PV/UV stats. If you redirect after ping, do so in the pingsuccesscallback.
FAQ
1. Authorization
Q: Why am I not asked to choose a login method?
A: First-time Funpepper authorization may use guest login. Exit to the lobby, log out, then use a third-party login to disable guest login. Clearing browser cache restores guest login.
Q: System error during authorization
A: Usually redirect_url in openSdk.oauth does not match the domain configured in the merchant portal.
Q: Error 000007 when exchanging code for access_token
A: Invalid code or redirect_uri mismatch with redirect_url in openSdk.oauth. Each code is single-use; unused codes expire in 15 minutes.
Q: access_token lifetime
A: access_token lasts 12 hours; refresh with refresh_token. refresh_token lasts 90 days; re-authorize when it expires.
2. Other
Q: Multi-language
A: Use the _lang URL parameter only; do not use different URLs per language.
| Language | Code |
|---|---|
| Simplified Chinese | zh-CN |
| Traditional Chinese | zh-TW |
| English | en-US |
| Japanese | ja-JP |
| Indonesian | id-ID |
| Vietnamese | vi-VN |
| Arabic | ar-EG |
Q: How many callback domains?
A: One callback domain per developer account.
Q: Change callback URL
A: Contact BD/operations to update the platform, then update your merchant portal.
Q: Required assets
A: See dimensions in the diagram below.