Skip to main content
Gameball provides separate test and live environments to enable safe development and testing before deploying to production. Both environments share the same configurations but maintain completely isolated data.

API Keys

You have access to three keys in your Gameball Dashboard (Settings → Admin Settings → Account Integration):
KeyPurposeUsage
Test API KeyDevelopment & stagingUse in UAT/staging environments during integration
Live API KeyProductionUse in production once you go live
Secret KeyPoint transactions & high securityRequired for sensitive operations (same key works for both test/live)
Same Base URL: Both test and live use https://api.gameball.co/api/v4.0 — you only change the API key.

What’s Shared vs Separated

Shared (Mirrored Configurations)

These apply to both test and live:
  • Tiers and VIP levels
  • Campaign rules and logic
  • Widget configuration
  • Point earning/redemption rules
  • Experience design

Separated (Isolated Data)

Test and live maintain separate:
  • Customers list: Test customers don’t appear in live
  • Analytics: Separate reporting for test vs live
  • Point transactions: Test points isolated from live points
  • Achievements: Customer progress tracked separately
Configure your campaigns and tiers once—they automatically work in both environments. Only the customer data differs.

Dashboard Toggle

Switch between test and live views in the Gameball Dashboard:
  1. Look for the toggle at the top left of any dashboard page
  2. Select Test to view test data or Live to view production data
  3. Analytics, customer lists, and transactions update based on your selection
This lets you inspect test behavior before deploying to production.

Development Workflow

1

Configure in Dashboard

Set up tiers, campaigns, point logic, and widget behavior. These configurations apply to both test and live.
2

Integrate with Test Key

Use the Test API Key in your staging/UAT environment. Build your integration and test thoroughly.
3

Validate Test Data

Switch dashboard to Test mode and verify:
  • Customer registration works
  • Points accrue correctly
  • Campaigns trigger as expected
  • Redemption flows function properly
4

QA & Edge Cases

Test edge cases, error handling, concurrent operations, and campaign expirations using test environment.
5

Switch to Live Key

Replace Test API Key with Live API Key in your production application. Live customers and data will now be tracked.
6

Monitor Live Environment

Switch dashboard to Live mode and monitor real customers, transactions, and analytics.

Key Points

Data Isolation

Test and live data never mix. Test customers, points, and transactions are completely separate.

No Migration

Test data is disposable. You cannot migrate test customers or transactions to live.

Fresh Start

When you go live, start with a clean slate. All live data begins from scratch.

Key Rotation

Gameball supports key rotation without disrupting existing integrations.

Example: Switching Environments

Test Environment (Staging)

// staging.config.js
const GAMEBALL_API_KEY = "test_ue7eh32eiwlsncoko08u8b";
const GAMEBALL_SECRET_KEY = "kz7eh32eiwldlowbo08u5p";

Live Environment (Production)

// production.config.js
const GAMEBALL_API_KEY = "live_8x4mh92kwjancblp07r9d";
const GAMEBALL_SECRET_KEY = "kz7eh32eiwldlowbo08u5p"; // Same secret key
Never expose your Live API Key or Secret Key in client-side code or public repositories. Keep them secure in environment variables or server-side configuration.

Best Practices

Store API keys in environment variables, not hardcoded:
# .env.staging
GAMEBALL_API_KEY=test_ue7eh32eiwlsncoko08u8b

# .env.production
GAMEBALL_API_KEY=live_8x4mh92kwjancblp07r9d
  • Test all integration points with test key
  • Verify campaign triggers and point calculations
  • Test redemption flows and edge cases
  • Validate error handling and retry logic
  • Don’t worry about cleaning up test customers or transactions
  • Test data has no impact on live environment
  • Start fresh when switching to live
  • Use dashboard toggle to check test behavior during development
  • Monitor live analytics once in production
  • Compare test vs live to validate expected behavior

High Security Mode

Enable High Security Mode in dashboard to require Secret Key for all API requests (not just point transactions). When enabled:
  • All endpoints require both APIKey and SecretKey headers
  • Provides additional protection against unauthorized access
  • Recommended for high-security requirements
With High Security Mode enabled, send all requests from server-side to prevent exposing the Secret Key.

Authentication Guide

Complete guide to API keys and authentication

Get Your API Keys

Help Center guide for retrieving keys

Test and Live Data

Gameball Help Center article