Now that ZBD Shield is protecting your ZBD Project API Key, you need to route transactions from your project through ZBD Shield.

If you’ve previously used the ZBD API, you’ll be familiar with the typical ZBD domain and endpoints, however, transactions for ZBD Shield will be routed through different endpoints.

Any transactions processed through the standard endpoints will not be routed through ZBD Shield, and will thus not be protected by ZBD Shield.

Prepare Transaction Payload

To process a transaction through ZBD Shield, you need the following JSON transaction payload:

  // Required - gamertag for the user withdrawing from the game
  "gamerTag": "freeberty098", 
  // Required - amount of funds, in milisats
  "amount": "1000", 
  // Optional - transaction description shown to the user; default is "Thank you"
  "description": "From Sarutobi's game to freeberty098", 
	// Required - platform the user is on; possible values: PC | Android | iOS | Mac | Web
  "platform": "PC",
	// Required - Your game's version the user is on
  "appVersion": "1.0.0",
	// Optional - if Shield is configured to block non-google play installs then it's required
  "isGooglePlay": true,
	// Required - tells that app is running on a real device, must be true 
  "isDevice": true,
	// Required - the user's unique device id
	"deviceId": "a3k034a0c403af2c3e36119c2c62f3ff477029e3786f1db41ba363119f5e8077",
	// Required - name of your game
	"appId": "App identification",
	// Optional - required if device versions was set on Shield config; possible values: an object string containing all user's device info including "operatingSystem"
	"deviceInfo": "{\"operatingSystem\": \"iOS\"}",
	// Optional - but required if device versions was set on Shield config 
	"deviceVersionNumber": "2.3.1"


To authenticate the request, you will need your ZBD Shield Access Token.

You can get this by going to Settings -> Access Token

Generate your key for the first time by pressing the Regenerate button.
ZBD Shield | Access Token Screen

ZBD Shield | Access Token Screen

Regenerating your Access Token will disable all previous Access Tokens.

Send Transaction

To send a transaction, use the following endpoint with the applicable payload and valid API key.


For example:

curl --location '{ShieldURL}/api/v1/zbd/create-transaction' \
--header 'Access-Token: {YourShieldAccessToken}' \
--header 'Content-Type: application/json' \
--data '{
    "gamerTag": "",
    "amount": "",
    "description": "",
    "platform": "",
    "appVersion": "",
    "isGooglePlay": bool,
    "isDevice": bool,
    "deviceId": "",
    "appId": "",
    "deviceInfo": "",
    "deviceVersionNumber": ""

Congrats! These transactions will route through your ZBD Shield instance.


To prevent the same user from requesting multiple times in rapid succession, there is a cooldown wherein ZBD Shield will block additional requests until the cooldown period has elapsed.

This can be changed via API on the following endpoint:


Example body:

   "coolDownPeriod": 10  // time, in seconds

That’s it! You’re now able to process transactions through ZBD Shield.