Section Connection

Various connection settings.

AllowedClientVersion

The version of the client application supported by the server. The value of the property contains an identifier string, which must be sent to the server by the client application. Client applications having incorrect version are prohibited from connecting to the server. If the value of the property is set to an empty string, then the client applications of any version are supported by the server.

<property-str name="AllowedClientVersion" value=""/>

AllowedProtocolVersions

This setting is obsolete.

<property-uint-list name="AllowedProtocolVersions"/>

SessionsTimeoutsCheckInterval

This option is used to define the number of seconds to wait before scheduling the next session state check.

<property-uint name="SessionsTimeoutsCheckInterval" value="3"/>

ClientPingInterval

The interval between pinging a client session to detect silently dead sessions (in seconds). Use 0 if you want to turn off this functionality.

<property-uint name="ClientPingInterval" value="300"/>

LobbyStatsUpdateInterval

The interval between sending the statistics from the lobbyserver to the client application (in seconds).

<property-uint name="LobbyStatsUpdateInterval" value="60"/>

UseDisplacingLogin

This parameter determines whether the player should be kicked out of the table upon new login. Default: true – the player is not kicked out of the table when he reconnects. Possible values: true, false.

<property-bool name="UseDisplacingLogin" value="true"/>

UseTermsOfUseLogin

If set to false, the Terms of Use feature is completely disabled and the pop-up never appears. If set to true, the feature can be managed on the Terms of Use page in the Backoffice (publish, activate, deactivate).

<property-bool name="UseTermsOfUseLogin" value="true"/>

ConsiderRepeatedLoginAsReconnect

This setting controls whether a player will be logged out when a new session is initiated (e.g., by opening the client in a new tab, connecting from another device, or using a different IP address). This setting is only relevant if AllowMultiLogin = true.

Possible values: true (allows the player to open the client on multiple tabs/devices/IP addresses without disconnecting) and false (the player is logged out when attempting to open the client on multiple tabs/devices/IP addresses).

note

Additionally, set AllowMultiLoginOnlyForSameDevice = true to restrict sessions to one device, logging out the player if they connect from another device. Set AllowMultiLoginOnlyForSameIP = true to limit sessions to one IP address, logging out the player if they connect from a different IP.

<property-bool name="ConsiderRepeatedLoginAsReconnect" value="true"/>

AllowMultiLogin

This setting enables multiple logins to the client application with one authorization token. This can be used in the integrated solutions, for example, if the customer opens tables by the link, and each table is opened in a separate window (multi-table mode). In this case, multiple logins will be allowed for these windows if AllowMultiLogin = true. However, there are also certain limitations to multiple logins:

The sessions can only be opened through Auth with empty login and password;
If a new login is done with login and password, the previously opened sessions are stopped.

<property-bool name="AllowMultiLogin" value="true"/>

AllowMultiLoginOnlyForSameIP

This setting is only relevant if AllowMultiLogin = true. If AllowMultiLoginOnlyForSameIP is enabled, a user will only be able to have multiple logins from the same IP-address. True by default.

<property-bool name="AllowMultiLoginOnlyForSameIP" value="false"/>

AllowMultiLoginOnlyForSameDevice

This setting is only relevant if AllowMultiLogin = true. If AllowMultiLoginOnlyForSameDevice is enabled, a user will only be able to have multiple logins from the same device. False by default.

<property-bool name="AllowMultiLoginOnlyForSameDevice" value="false"/>

ClientTitle

The title of the desktop client application.

<property-str name="ClientTitle" value="Enterra Demo Poker"/>

ClientAutoLogoutTimeout

The player gets logged out after ClientAutoLogoutTimeout seconds of inactivity. In order to resume playing, the player has to log in again. Use 0 to turn the feature off.

<property-uint name="ClientAutoLogoutTimeout" value="900"/>

RequireAccountActivation

If this feature is enabled, players are not allowed to login until they pass the e-mail verification (using the activation page on the website). Possible values: true (the feature is enabled), false (the feature is disabled).

<property-bool name="RequireAccountActivation" value="false"/>

NumDigitsInActivationCode

Defines the number of digits in the activation code sent for the e-mail verification. Default value: 0. In this case, a long hex-string will be sent for activation. Possible values: any numeric value. For example, if you set it to 6, the users will receive a 6-digit activation code.

<property-uint name="NumDigitsInActivationCode " value="0"/>

StoreHashedPasswords

Store md5 hash of players' passwords instead of plain password text. Possible values: true (the feature is enabled), false (the feature is disabled).

<property-bool name="StoreHashedPasswords" value="true"/>

EnableGuests

This parameter enables guest registration of players with the username 'guest'. It is only available in QT mobile app. Possible values: true (the feature is enabled), false (the feature is disabled).

<property-bool name="EnableGuests" value="true"/>

AuthorizationTicketLifetime

This parameter is used in the client authorization on website. If the client application has not sent the auth code received after the authorization back to the server within AuthorizationTicketLifetime seconds, that auth code becomes invalid.

<property-uint name="AuthorizationTicketLifetime" value="120"/>

LongAuthorizationTicketLifetime

This parameter is used in the client app authorization. It defines the lifetime of the token, saved when the player enables 'Remember me' option. If it is enabled, the player must be logged in automatically within LongAuthorizationTicketLifetime seconds, after that the login token becomes invalid.

<property-uint name="LongAuthorizationTicketLifetime" value="2592000"/>

UseNickAsLoginAtAuthentication

This parameter allows players to login using nickname. Possible values: true (the feature is enabled), false (the feature is disabled).

<property-bool name="UseNickAsLoginAtAuthentication" value="true"/>

UseEmailAsLoginAtAuthentication

This parameter allows players to login using email address. Possible values: true (the feature is enabled), false (the feature is disabled).

<property-bool name="UseEmailAsLoginAtAuthentication" value="true"/>

UsePhoneAsLoginAtAuthentication

This parameter allows players to login using phone number. Possible values: true (the feature is enabled), false (the feature is disabled).

<property-bool name="UsePhoneAsLoginAtAuthentication" value="true"/>

TfaMaxAttempts

This parameter sets the maximum number of attempts for two-factor authentication (2FA). If a player fails to enter the correct 2FA code within the specified number of attempts, their account will be restricted. In case of a 2FA lockout, Backoffice administrators can either reset the 2FA attempts for the player in the User Details section or disable 2FA. Simply unblocking the account will not work, as the account is not technically blocked and will not appear in the Blocked Users list.

<property-uint name="TfaMaxAttempts" value="5"/>

RequiredForLoginTFAType

Defines the type of two-factor authentication (2FA) required for login for all players. If the RequiredForLoginTFAType parameter is set to one of the specified values (tfa.sms, tfa.email, tfa.google-auth, tfa.otp, tfa.client-check), a valid 2FA code must be entered to complete the login process. The settings will only work if the data for them has been previously specified or configured.

tfa.sms — two-factor authentication via SMS. A code is sent to the user's mobile phone via text message, which must be entered to complete the login process;
tfa.email — two-factor authentication via email. A code is sent to the user's registered email address, which must be entered to complete the login process;.
tfa.google-auth — two-factor authentication using the Google Authenticator app. The app generates time-based one-time passcodes that must be entered to complete the login process;
tfa.otp — two-factor authentication using a generic one-time password (OTP code) applies to login via phone number or email, to which the one time password should be sent and entered by the user for login;
tfa.client-check — two-factor authentication provides additional client-side verification, such as checking the player's geolocation through the third-party service XPoint or other services. For information about integrating services for this verification, please contact the Evenbet team;
tfa.unknown — thе setting indicates that no two-factor authentication is required for login. Authorization is performed without the need to enter a 2FA code.

<property-enum name="RequiredForLoginTFAType" value="tfa.unknown"/>

ObservedPeriodToCheckPasswordPolicyViolation

This parameter sets up a time period to check if there were too many attempts to login using invalid password.

<property-uint name="ObservedPeriodToCheckPasswordPolicyViolation" value="300"/>

LockTimeAtPasswordPolicyViolation

Defines the time period, during which the user/IP will be blocked in case the MaxNumberOfInvalidPasswordAttempts was exceeded within ObservedPeriodToCheckPasswordPolicyViolation. After the period indicated in the setting, the user account/ the user's IP will be automatically unlocked. While the account is blocked, it will appear in the Blocked Users list, the IP will appear in the Prohibited IP List. If necessary, accounts/IPs can be unblocked through these pages before the end of the blocking period.

<property-uint name="LockTimeAtPasswordPolicyViolation" value="1800"/>

MaxNumberOfInvalidPasswordAttempts

This parameter sets up the number of login attempts with invalid password before the player/IP gets blocked.

<property-uint name="MaxNumberOfInvalidPasswordAttempts" value="5"/>

EnableCAVerificationForSSLChannel

Defines whether the certificate is checked. This is a security system setting, please, do not change its value.

<property-bool name="EnableCAVerificationForSSLChannel" value="true"/>

AllowIdenticalNickNameInSkins

Defines if there can be users with identical nicknames in case they belong to different skins. If true, then there can be a user with nickname ‘test’ in skin1 and a user with nickname ‘test’ in skin2. However, there still cannot be two users with nickname ‘test’ in the same skin. If false, the nickname uniqueness is checked regardless of the skin.

<property-bool name="AllowIdenticalNickNameInSkins" value="true"/>

AllowIdenticalEmailInSkins

Defines if there can be users with identical e-mail addresses in case they belong to different skins. If true, then there can be a user with e-mail ‘[email protected]’ in skin1 and a user with e-mail ‘[email protected]’ in skin2. However, there still cannot be two users with e-mail ‘[email protected]’ in the same skin. If false, the e-mail uniqueness is checked regardless of the skin.

<property-bool name="AllowIdenticalEmailInSkins" value="true"/>

AllowIdenticalPhoneNumInSkins

Defines if there can be users with identical phone numbers in case they belong to different skins. If true, then there can be a user with phone number ‘123456’ in skin1 and a user with phone number ‘123456’ in skin2. However, there still cannot be two users with phone number ‘123456’ in the same skin. If false, the phone number uniqueness is checked regardless of the skin.

<property-bool name="AllowIdenticalPhoneNumInSkins" value="true"/>

AllowIdenticalDisplayNameInSkins

Defines if there can be users with identical display names in case they belong to different skins. If true, then there can be a user with display name ‘test’ in skin1 and a user with display name ‘test’ in skin2. However, there still cannot be two users with display name ‘test’ in the same skin. If false, the display name uniqueness is checked regardless of the skin.

<property-bool name="AllowIdenticalDisplayNameInSkins" value="true"/>

RequireUniquePlayerDisplayName

If true, the system will check user’s display name uniqueness. If false, the users will be able to have identical display names.

<property-bool name="RequireUniquePlayerDisplayName" value="true"/>

RequireSkinCheckOnPlayerLogin

Enables skin check at the login. If the user’s skin does not correspond with the client app’s skin, login will be unsuccessful, even if the user's credentials were correct.

<property-bool name="RequireSkinCheckOnPlayerLogin" value="false"/>

PhoneNumberCorrection

If enabled, the phone numbers, inserted by the players during the registration, will be saved in the database without non-numerical symbols, such as ‘+’, ‘-‘, etc. Default value: true.

<property-bool name="PhoneNumberCorrection" value="true"/>

BlockViolatorMethodType

Defines, what is blocked in case the user exceeds MaxNumberOfInvalidPasswordAttempts within ObservedPeriodToCheckPasswordPolicyViolation. Possible values:

bvmt.none – nothing is blocked if the allowed number of invalid password attempts was exceeded;
bvmt.account – the user’s account is blocked if the allowed number of invalid password attempts was exceeded. After the period indicated in the LockTimeAtPasswordPolicyViolation setting, the user account is unlocked;
bvmt.ip – the IP of the user who made login attempts is blocked if the allowed number of invalid password attempts was exceeded. After the period indicated in the LockTimeAtPasswordPolicyViolation setting, the user's IP is unlocked.

<property-enum name="BlockViolatorMethodType" value="bvmt.account"/>

ClientsOutputMessagesSizeHardLimitMb

The summarized maximum size (in Mb) of the client’s outgoing messages. If it is exceeded, a disconnection takes place.

<property-uint name="ClientsOutputMessagesSizeHardLimitMb" value="10"/>

ClientsOutputMessagesSizeSoftLimitMb

The summarized maximum size (in Mb) of the client’s outgoing messages. If it is exceeded, a countdown that lasts for ClientsOutputMessagesSizeSoftLimitTimeoutSeconds starts. If the size of the client’s outgoing messages does not decrease during this time, the client is disconnected.

<property-uint name="ClientsOutputMessagesSizeSoftLimitMb" value="4"/>

ClientsOutputMessagesSizeSoftLimitTimeoutSeconds

The timeout to disconnect the client if the summarized maximum size (in Mb) of the client’s outgoing messages exceeds ClientsOutputMessagesSizeSoftLimitMb.

<property-uint name="ClientsOutputMessagesSizeSoftLimitTimeoutSeconds" value="10"/>

MaxDBBulkInsertQuerySizeMb

This setting limits the maximum size of insert request sent to MySQL when bulk insert is used (this limitation does not apply to the first entry). The entries that were cut because of this limitation are added to the next request.

<property-uint name="MaxDBBulkInsertQuerySizeMb" value="5"/>

DefaultFrontendRequestTimeout

Sets the timeout (in seconds) for messages sent by the frontend server. If a message exceeds this timeout, it will not be processed by the server. This improves performance by preventing the handling of expired messages.

<property-uint name="DefaultFrontendRequestTimeout" value="0"/>

WebComponentRequestTimeout

Sets the timeout (in seconds) for messages sent from the web component. If a message exceeds this timeout, it will not be processed by the server. This improves performance by preventing the handling of expired messages.

<property-uint name="WebComponentRequestTimeout" value="0"/>

ForbiddenProcesses.win

Defines the list of process names (executables) that are considered forbidden during Native client usage on Windows. If a listed process is running when the user logs into the client, a Forbidden Process incident is triggered. Use the name + extension format (e.g., "App.exe"), as shown in Task Manager. Add multiple entries by duplicating the item value line. Note: Process names may be case-sensitive depending on the system configuration.

<property-str-list name="ForbiddenProcesses.win">
  <item value="App.exe"/>
</property-str-list>

ForbiddenProcesses.macosx

Defines the list of process names (applications) that are considered forbidden during Native client usage on macOS. If a listed process is running when the user logs into the client, a Forbidden Process incident is triggered. Use the application name format (e.g., "App"), as shown in Activity Monitor. Add multiple entries by duplicating the item value line. Note: Process names may be case-sensitive depending on the system configuration.

<property-str-list name="ForbiddenProcesses.macosx">
  <item value="App"/>
  <item value="App.app"/>
</property-str-list>

ForbiddenProcesses.html5

Defines the list of process names (applications) that are considered forbidden during Browser client usage. If a listed process is running when the user logs into the client, a Forbidden Process incident is triggered. Use the application name format (e.g., "App"), as displayed by the operating system or the browser’s task manager. Add multiple entries by duplicating the item value line. Note: Process names may be case-sensitive depending on the system configuration.

<property-str-list name="ForbiddenProcesses.html5">
  <item value="App"/>
  <item value="App.exe"/>
</property-str-list>

ClientTrustedHosts

Defines the hosts, in URLs for which the parameters can be added (auth, playerId, etc.)

<property-str-list name="ClientTrustedHosts">
  <item value="111.111.1.11"/>
</property-str-list>

CompleteProfileRequirements

This setting allows to specify profile data that must be filled out for the account to be marked as “Completed”.

Additionally, this setting is closely connected with account verification. Backoffice administrators will not be able to approve KYC documents for the user in User Details - Verification section unless their profile is complete.

<property-str-list name="CompleteProfileRequirements">
  <item value="password"/>
  <item value="nick"/>

Possible values:
"nick"
"password"
"city"
"skin"
"name"
"e-mail"
"phone-number"
"gender"
"address"
"country"
"zip-code"
"family-name"
"middle-name"
"display-name"
"date-of-birth"
"verified"
"kyc-done"
"email-verified"
"state-id"

SkipRemoveFurtherAuthOnHTML5Reconnect

This server-side setting improves connection stability and ensures successful reconnection to the poker app in environments where the Evenbet poker web application is integrated into another mobile application. When enabled, if a reconnect occurs from the Browser client, the Auth token created during the createSessionForPlayer call is not deleted, allowing for a smoother reconnection process.

<property-bool name="SkipRemoveFurtherAuthOnHTML5Reconnect" value="false"/>

StoreExternalSessionIdInDB

Technical setting. When enabled, the system saves player externalSessionId values to the tm_player_external_session_id table in addition to the in-memory cache. Each record in the table exists as long as the corresponding player data remains in the cache.

<property-bool name="StoreExternalSessionIdInDB" value="false"/>

AllowedClientVersion​

AllowedProtocolVersions​

SessionsTimeoutsCheckInterval​

ClientPingInterval​

LobbyStatsUpdateInterval​

UseDisplacingLogin​

UseTermsOfUseLogin​

ConsiderRepeatedLoginAsReconnect​

AllowMultiLogin​

AllowMultiLoginOnlyForSameIP​

AllowMultiLoginOnlyForSameDevice​

ClientTitle​

ClientAutoLogoutTimeout​

RequireAccountActivation​

NumDigitsInActivationCode​

StoreHashedPasswords​

EnableGuests​

AuthorizationTicketLifetime​

LongAuthorizationTicketLifetime​

UseNickAsLoginAtAuthentication​

UseEmailAsLoginAtAuthentication​

UsePhoneAsLoginAtAuthentication​

TfaMaxAttempts​

RequiredForLoginTFAType​

ObservedPeriodToCheckPasswordPolicyViolation​

LockTimeAtPasswordPolicyViolation​

MaxNumberOfInvalidPasswordAttempts​

EnableCAVerificationForSSLChannel​

AllowIdenticalNickNameInSkins​

AllowIdenticalEmailInSkins​

AllowIdenticalPhoneNumInSkins​

AllowIdenticalDisplayNameInSkins​

RequireUniquePlayerDisplayName​

RequireSkinCheckOnPlayerLogin​

PhoneNumberCorrection​

BlockViolatorMethodType​

ClientsOutputMessagesSizeHardLimitMb​

ClientsOutputMessagesSizeSoftLimitMb​

ClientsOutputMessagesSizeSoftLimitTimeoutSeconds​

MaxDBBulkInsertQuerySizeMb​

DefaultFrontendRequestTimeout​

WebComponentRequestTimeout​

ForbiddenProcesses.win​

ForbiddenProcesses.macosx​

ForbiddenProcesses.html5​

ClientTrustedHosts​

CompleteProfileRequirements​

SkipRemoveFurtherAuthOnHTML5Reconnect​

StoreExternalSessionIdInDB​