APISmart WalletsSigner API Endpoints

Authenticate with JWT

Authenticates a user using a JSON Web Token (JWT) for secure access to their Smart Wallet functionalities. This endpoint validates the provided JWT token and can be used for authenticating an existing user or to pregenerate a wallet. This feature is in private access. Please fill out the form or reach out to us at [email protected] to get access

Headers

AuthorizationstringRequired

Request

This endpoint expects an object.
jwtstringRequired

The JSON Web Token (JWT) used for authentication. The JWT must be a valid OIDC ID Token containing the required claims for user identification and authentication. Required OIDC Claims:

  • iss (Issuer): The identity of the OIDC provider. Should be the same as issuer URL specified in your /.well-known/openid-configuration, for example see the Google OpenID configuration
  • sub (Subject): A unique identifier that identifies the user with this auth provider.
  • aud (Audience): A unique identifier for the project communicated by us after registration on the google form
  • exp (Expiration): Token expiration time as Unix timestamp
  • iat (Issued At): Token issuance time as Unix timestamp
  • nonce (Nonce): toHex(sha256(targetPublicKey)) without the leading 0x Example JWT Payload:
1{
2  "iss": "https://accounts.google.com",
3  "sub": "1234567890abcdef",
4  "aud": "project_id",
5  "exp": 1640995200,
6  "iat": 1640991600,
7  "nonce": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
8}
authProviderstringRequired

Name of your application as entered on google form. Please reach out to us if you’ve lost this!

targetPublicKeystringOptional
Required for authentication. Optional for pregeneration.
expirationSecondsstringOptional

Specifies the duration of the login session in seconds. After this period, the user has to re-login to refresh their session. The default value is 900 seconds (15 minutes).

Response

JWT authentication successful. User is now authenticated or wallet has been pregenerated.
orgIdstring
The organization ID associated with the authenticated user and the application.
isSignupboolean or nullDefaults to false
If true, indicates a new wallet was created.
credentialBundlestring or null

An encrypted API key credential bundle that shall be used for subsequent authenticated requests. This bundle contains the authentication credentials encrypted with the provided targetPublicKey and can be decrypted client-side for stamping requests. A credential bundle will be returned when this endpoint is being used for authentication and would require a targetPublicKey in the request params

userIdstring or null
A unique identifier for the authenticated user.
addressstring or null
The Ethereum address of the user's signer, available after successful authentication.
solanaAddressstring or null
The Solana address of the user's signer, available after successful authentication.

Errors