๐Auth
This documentation provides an overview of the main functionalities provided by the Whirlprivacy.io platform, focusing on the authentication process.
Last updated
This documentation provides an overview of the main functionalities provided by the Whirlprivacy.io platform, focusing on the authentication process.
Last updated
/auth/loginAuthenticates a user by verifying the signature of a previously issued challenge. Upon successful authentication, it generates a token that is used for subsequent requests that require authentication.
| Parameter | Type | Description | Required |
|---|---|---|---|
Error Handling:
Example Code:
/auth/refreshRefreshes a user's authentication token to extend their session without requiring them to re-authenticate.
No parameters are required for this endpoint as it uses the user's current authentication token for verification.
Headers:
/auth/challengeIssues a challenge message containing a nonce for the user to sign with their private key. This is the first step in the authentication process.
No parameters are required for this endpoint.
In addition to the timestamp given, the response will be to sign a message that will look like this: "Welcome to Whirl Privacy, in order to authenticate and use the platform, you need to sign this message. Nonce:"
It won't work if you only sign the timestamp and not the message or vice versa.
None
| Error Code | Description |
|---|---|
| Header Name | Value | Description |
|---|---|---|
| Error Code | Description |
|---|---|
authAddress
string
The blockchain address of the user
Yes
authSignature
string
The signature of the challenge message
Yes
authChallenge
string
The challenge message that was signed
Yes
E_INVALID_OR_EXPIRED_CHALLENGE
Invalid or expired challenge
E_INVALID_SIGNER
The signer address does not match the provided address
E_INVALID_SIGN_DATA
The signature data is invalid
E_CREATING_USER
Error occurred while creating a new user
X-API-key
base64
API token obtained after authentication.
E_UNAUTHORIZED
Unauthorized access