Auth endpoints

These endpoints implement the wallet-based challenge → verify flow described in Authentication.

POST `/auth/challenge`

Request a challenge message to sign with your Solana wallet.

Public endpoint — no JWT required.

Request body

{
  "walletAddress": "DYw8jCTfwHNRJhhmFcbXvVDTqWMEVFBX6ZKUmG5CNSKK"
}

Response (`200 OK`)

{
  "challenge": "Sign this message to authenticate: 1234567890",
  "expiresAt": "2024-01-01T12:05:00Z"
}

POST `/auth/verify`

Verify the signed challenge message and receive a JWT token for authenticated requests.

Public endpoint — no JWT required.

Request body

{
  "walletAddress": "DYw8jCTfwHNRJhhmFcbXvVDTqWMEVFBX6ZKUmG5CNSKK",
  "signature": "base58_encoded_signature",
  "message": "Sign this message to authenticate: 1234567890"
}

Response (`200 OK`)

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "id": "uuid",
    "walletAddress": "DYw8jCTfwHNRJhhmFcbXvVDTqWMEVFBX6ZKUmG5CNSKK"
  }
}

Token expiry

JWT token expires in: 7 days

PreviousError handling NextTokens

Last updated 1 month ago

Good evening

hashtagPOST /auth/challenge

hashtagRequest body

hashtagResponse (200 OK)

hashtagPOST /auth/verify

hashtagRequest body

hashtagResponse (200 OK)

hashtagToken expiry

hashtagRelated

POST `/auth/challenge`

Request body

Response (`200 OK`)

POST `/auth/verify`

Request body

Response (`200 OK`)

Token expiry

Related