Authentication

The wallet/sign endpoint works with a Bearer Token provided in the authentication header. The string provided as the token is a JWT with the following fields:

{  
  "id": "1",            //id of the user  
  "exp": 1712873700,    //expiration time of the jwt  
  "jti": "testjti",     //jti to prevent replay attacks  
  "id_type": "userId",  //type of the id to identify the user. could be userId, userUuid or address  
  "version": 1,         //version of the endpoint  
  "iss": "artemis",     //integrator the jwt belongs to  
  "iat": 1712872800     //issued at  
}

The JWTs are specific for the user and must be generated for different users. To obtain a JWT for a user, it is possible to send a request to wallet/generate_token. This is discussed in Wallet Generate JWT section. To be able to create JWTs without sending a request to wallet/generate_token, the payload of the JWT must be complete and valid, the JWT must be signed with HMAC256 and the signature key must be valid. The signature key will be provided to integrators upon request.

JWT Payload Field	Description
id	user id, the value must relate to an existing user
id_type	type of id for the user id. values could be one of `userId`, `userUuid`, `address`.
iat	issued at time in Unix timestamp seconds
exp	expiration time in Unix timestamp seconds, should be iat + 15 minutes.
iss	integrator slug
jti	unique id for JWT to prevent replay attacks. also valid for 15 minutes
version	version of the API endpoint

Message

The endpoint is made to sign a message with the user's wallet. The provided message is processed and returned as a signature that could be used to Sign in with Ethereum (SIWE). The message hello world was signed for an arbitrary user, which produced the following result: { "signature": "0xd80dac506b0045a8727507910cc3038fae4328595fa3e0ecca2cf0c4c75b8f911bcd778086d0cae70b400da77496bee87b3af7ebaf55dee055c4f75c26ce3cbd1c" }