Access Levels
Wave Casino uses a three-tier wallet hierarchy for access control. Each level is identified by a Solana wallet public key.
Level 1 β Wave Creator
The highest privilege level. This is the wallet that deployed and owns the Wave casino instance.
Set via: PLATFORM_CREATOR_ADDRESS environment variable (or CASINO_ADMIN_WALLET for legacy compat)
Capabilities:
- Full access to all admin functions
- Manage whitelabel branding
- Approve/reject withdrawals and PIX payouts
- Configure system runtime settings
- Create and manage Level 2 wallets
- Access the
/systemadmin page
Admin panel sections: All sections visible
Level 2 β Platform Creator
Operators who run their own casino instance on top of the Wave infrastructure. They cannot modify platform-level settings but can manage everything within their casino.
Set via: CASINO_PLATFORM_CREATORS_JSON environment variable:
CASINO_PLATFORM_CREATORS_JSON={"WalletBase58Here":true,"AnotherWallet":true}Also includes: Legacy named roles β finance, ops, support, readonly β set via CASINO_ADMIN_ROLES_JSON:
CASINO_ADMIN_ROLES_JSON={"FinanceWallet":"finance","OpsWallet":"ops"}Capabilities:
- Manage agents (create, edit, credit transfer)
- Manage games (enable/disable providers)
- View analytics and player data
- Configure casino (site endpoint, API type)
- Approve withdrawals (finance role)
Admin panel sections: Dashboard, Games, Agents, Players, Transactions, Game History, RTP Control, Analytics, Configuration
Level 3 β Integrator / Operator
An integrator who has been granted access to manage their own segment of users and agents. They see only data scoped to their agentCode.
Set via: CASINO_OPERATORS_JSON environment variable (wallet β agentCode mapping):
CASINO_OPERATORS_JSON={"IntegratorWalletBase58":"my_agent_code","AnotherWallet":"other_agent"}Capabilities:
- View own agent data
- View own users and their balances
- View own game history and transactions
- View own revenue metrics
- Access the API guide
- Configure own profile (site endpoint, token)
Admin panel sections: Dashboard, Transactions, Game History, Configuration, API Guide
Permission matrix
| Permission | L1 | L2 | L3 |
|---|---|---|---|
admin:read | β | β | β |
admin:write | β | β | β |
whitelabel:write | β | β | β |
legacy:agents:write | β | β | β |
legacy:games:write | β | β | β |
withdraw:approve | β | β (finance) | β |
balances:write | β | β (finance) | β |
agents:read:own | β | β | β |
users:read:own | β | β | β |
metrics:read:own | β | β | β |
transactions:read:own | β | β | β |
runtime:write | β | β | β |
config:write | β | β | β |
Checking access level at runtime
The /casino/admin/me endpoint returns the current walletβs role and access level:
GET /casino/admin/me
Authorization: Bearer <token>{
"wallet": "ABC123...",
"role": "platform_creator",
"level": 2,
"permissions": ["admin:read", "admin:write", "..."],
"agentCode": null
}For Level 3, agentCode will be the linked agent code instead of null.