Active development · testnet

Authentication

Wallet-based sign-in: get a nonce, sign it, exchange for a JWT, use the token on every API call.

Authenticate with an EVM wallet. Sign a nonce message to receive a JWT for API access.

The flow

1. Get a nonce

GET /api/auth/nonce?address=0x...

Returns:

{ "message": "Sign this message to authenticate..." }

2. Sign and verify

Sign the returned message with your wallet, then post the signature back:

POST /api/auth/verify
Content-Type: application/json

{
  "address": "0x...",
  "message": "Sign this message to authenticate...",
  "signature": "0x..."
}

Returns:

{ "token": "jwt..." }

3. Use the token

Include the JWT in the Authorization header on every API request:

Authorization: Bearer <token>

Notes

  • The nonce message includes a timestamp and a random component; nonces are single-use.
  • JWTs are short-lived; renew by repeating the flow.
  • The same flow works with any EIP-191 signing wallet (MetaMask, Coinbase, WalletConnect, etc.).
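
The nonce rules in the notes above, sketched as the checks a server would run behind /api/auth/nonce and /api/auth/verify. This is an added example, not the project's own code: the message wording, the 300-second lifetime, the in-memory store and the recover_signer hook (standing in for EIP-191 signer recovery) are assumptions.

```python
import secrets
import time

NONCE_TTL_SECONDS = 300  # assumed validity window; the page gives no value


class NonceStore:
    """In-memory store of outstanding sign-in messages, keyed by address."""

    def __init__(self, ttl=NONCE_TTL_SECONDS, clock=time.time):
        self._ttl = ttl
        self._clock = clock
        self._pending = {}  # lowercased address -> (message, issued_at)

    def issue(self, address):
        """Build the message returned by GET /api/auth/nonce."""
        now = int(self._clock())
        # Assumed wording; only "timestamp + random component" is from the page.
        message = (
            "Sign this message to authenticate.\n"
            f"Address: {address.lower()}\n"
            f"Nonce: {secrets.token_hex(16)}\n"
            f"Issued At: {now}"
        )
        # A new request replaces any earlier unused message for the address.
        self._pending[address.lower()] = (message, now)
        return message

    def consume(self, address, message):
        """Check-and-delete: True only for the unused, unexpired message issued to this address."""
        entry = self._pending.pop(address.lower(), None)  # removed even on failure
        if entry is None:
            return False
        issued_message, issued_at = entry
        if self._clock() - issued_at > self._ttl:
            return False
        return secrets.compare_digest(issued_message.encode(), message.encode())


def verify_login(store, recover_signer, address, message, signature):
    """Handle POST /api/auth/verify; recover_signer is a hypothetical EIP-191 recovery hook."""
    # Recover first so a bad signature cannot burn someone else's pending nonce.
    if recover_signer(message, signature).lower() != address.lower():
        return False
    return store.consume(address, message)
```

A JWT would be issued only when verify_login returns True; a multi-instance deployment would need the same check-and-delete to be atomic in a shared store.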

For wallet bootstrapping after sign-in, see Wallet Management.