This endpoint enables signing messages with custodial wallets that is used to SIWE.

Authentication

The wallet/sign endpoint works with a Bearer Token provided in the authentication header. The string provided as the token is a JWT with the following fields:

{  
  "id": "1",            //id of the user  
  "exp": 1712873700,    //expiration time of the jwt  
  "jti": "testjti",     //jti to prevent replay attacks  
  "id_type": "userId",  //type of the id to identify the user. could be userId, userUuid or address  
  "version": 1,         //version of the endpoint  
  "iss": "artemis",     //integrator the jwt belongs to  
  "iat": 1712872800     //issued at  
}

The JWTs are specific for the user and must be generated for different users. To obtain a JWT for a user, it is possible to send a request to wallet/generate_token. This is discussed in Wallet Generate JWT section. To be able to create JWTs without sending a request to wallet/generate_token, the payload of the JWT must be complete and valid, the JWT must be signed with HMAC256 and the signature key must be valid. The signature key will be provided to integrators upon request.

JWT Payload FieldDescription
iduser id, the value must relate to an existing user
id_typetype of id for the user id. values could be one of userId, userUuid, address.
iatissued at time in Unix timestamp seconds
expexpiration time in Unix timestamp seconds, should be iat + 15 minutes.
issintegrator slug
jtiunique id for JWT to prevent replay attacks. also valid for 15 minutes
versionversion of the API endpoint

Message

The endpoint is made to sign a message with the user's wallet. The provided message is processed and returned as a signature that could be used to Sign in with Ethereum (SIWE). The message hello world was signed for an arbitrary user, which produced the following result: { "signature": "0xd80dac506b0045a8727507910cc3038fae4328595fa3e0ecca2cf0c4c75b8f911bcd778086d0cae70b400da77496bee87b3af7ebaf55dee055c4f75c26ce3cbd1c" }

Errors

Here are potential errors you might encounter:

HTTP Status Code 400
invalid json
token missing 'Bearer' prefix
message must not be empty
user not found
address not found
invalid token
token already used
'id' must not be empty
'id_type' must not be empty
id_type must be one of: userId, userUuid, address
'version' must not be empty or zero
unsupported version
'iss' must not be empty
unknown issuer
'exp' must not be empty
'exp' is too high
'jti' must not be empty
'iat' must not be empty
token contains an invalid number of segments
'id' must be a valid UUID
'id' must be a valid address
HTTP Status Code 401
authorization header must not be empty
apikey is invalid

HTTP Status Code 500
internal server error
Language
Authorization
Header
Click Try It! to start a request and see the response here!