Auth Endpoints
Authentication endpoints for the Universal Account service.
Web3 Authentication
Connect Wallet
POST /auth/web3
Authenticate using Web3 wallet signature.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"signature": "0x1abc2def3456789abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef12345671c",
"signer": "0x1234567890AbCdEf1234567890AbCdEf12345678"
}
Response: 201 - The user has been successfully logged in
{
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"refreshTokenExpire": 1710175253716,
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"accessTokenExpire": 1710175253716,
"userId": "0x1234567890abcdef1234567890abcdef12345678"
}
Token Management
Refresh Token
POST /auth/refresh
Refresh an access token using a refresh token.
Request Body:
{
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Response: 201 Created
Telegram Authentication
Request Telegram OTP
POST /auth/telegram-otp-request
Request a one-time password for Telegram authentication.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"telegramId": "123456789"
}
Response: 201 - The OTP request was successful
Telegram Login
POST /auth/telegram-login
Authenticate using Telegram ID and OTP.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"telegramId": "123456789",
"username": "username123",
"firstname": "FIRST",
"lastname": "LAST",
"avatarUrl": "https://example.com/avatar.jpg",
"otp": "123456"
}
Response: 201 - The user has been successfully logged in
Create Telegram User from Bot Login
POST /auth/telegram/user
Create a new user from Telegram bot login.
Request Body:
{
"telegramId": "123456789",
"username": "username123",
"firstname": "FIRST",
"lastname": "LAST",
"domainId": 1,
"sig": "0x1abc2def3456789abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef12345671b",
"timestamp": 1741084672,
"apiKey": "1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p"
}
Response: 201 Created
Telegram Bot Login from App
POST /auth/telegram/callback
Complete Telegram bot login from the app.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"state": "123456789",
"code": "ABC123DEF456GHI"
}
Response: 201 - The user has been successfully logged in with Telegram
Email Authentication
Request Email OTP
POST /auth/email-otp-request
Request a one-time password via email.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"email": "[email protected]"
}
Response: 201 - The OTP request was successful
Email Login
POST /auth/email-otp-verify
Verify email OTP and login.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"email": "[email protected]",
"otp": "123456"
}
Response: 201 - The user has been successfully logged in
OAuth Authentication
Facebook Authentication
Facebook Login
GET /auth/facebook
Initiate Facebook login flow.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Response: 200 OK
Facebook Authentication Callback
POST /auth/facebook/callback
Handle Facebook authentication callback.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"code": "ABCD1234efgh5678IJKL9012mnop",
"error": "mismatch_redirect_uri",
"state": "eyJrZXkiOiIxYTJiM2M0ZDVlNmY3ZzhoOWkwajFrMmwzbTRuNW82cCIsIngtc2lnbmF0dXJlIjoiMHgxYWJjMmRlZjM0NTY3ODlhYmNkZWYxMjM0NTY3ODkwYWJjZGVmMTIzNDU2Nzg5MGFiY2RlZjEyMzQ1Njc4OTBhYmNkZWYxMjM0NTY3ODkwYWJjZGVmMTIzNDU2Nzg5MGFiY2RlZjEyMzQ1Njc4OTBhYmNkZWYxYyIsIngtdGltZXN0YW1wIjoiMTc0MDU1ODExMDEzMyIsIngtYXBpLWtleSI6IjFhMmIzYzRkNWU2ZjdnOGg5aTBqMWsybDNtNG41bzZwIiwib3JpZ2luIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIn0"
}
Response: 201 - The user has been successfully logged in via Facebook
Google Authentication
Google Login
GET /auth/google
Initiate Google authentication flow.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Response: 200 - The user has successfully started the authentication via Google
Google Login Callback
POST /auth/google/callback
Handle Google authentication callback.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"code": "ABCD1234efgh5678IJKL9012mnop",
"error": "mismatch_redirect_uri",
"state": "eyJrZXkiOiIxYTJiM2M0ZDVlNmY3ZzhoOWkwajFrMmwzbTRuNW82cCIsIngtc2lnbmF0dXJlIjoiMHgxYWJjMmRlZjM0NTY3ODlhYmNkZWYxMjM0NTY3ODkwYWJjZGVmMTIzNDU2Nzg5MGFiY2RlZjEyMzQ1Njc4OTBhYmNkZWYxMjM0NTY3ODkwYWJjZGVmMTIzNDU2Nzg5MGFiY2RlZjEyMzQ1Njc4OTBhYmNkZWYxYyIsIngtdGltZXN0YW1wIjoiMTc0MDU1ODExMDEzMyIsIngtYXBpLWtleSI6IjFhMmIzYzRkNWU2ZjdnOGg5aTBqMWsybDNtNG41bzZwIiwib3JpZ2luIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIn0"
}
Response: 201 - The user has been successfully logged in via Google
Twitter Authentication
Twitter Login
GET /auth/twitter
Initiate Twitter authentication flow.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Response: 200 OK
Twitter Login Callback
POST /auth/twitter/callback
Handle Twitter authentication callback.
Headers:
x-signature(required) - Request signaturex-timestamp(required) - Timestamporigin(required) - Domain originx-api-key(required) - API Key
Request Body:
{
"code": "ABCD1234efgh5678IJKL9012mnop",
"error": "mismatch_redirect_uri",
"state": "eyJrZXkiOiIxYTJiM2M0ZDVlNmY3ZzhoOWkwajFrMmwzbTRuNW82cCIsIngtc2lnbmF0dXJlIjoiMHgxYWJjMmRlZjM0NTY3ODlhYmNkZWYxMjM0NTY3ODkwYWJjZGVmMTIzNDU2Nzg5MGFiY2RlZjEyMzQ1Njc4OTBhYmNkZWYxMjM0NTY3ODkwYWJjZGVmMTIzNDU2Nzg5MGFiY2RlZjEyMzQ1Njc4OTBhYmNkZWYxYyIsIngtdGltZXN0YW1wIjoiMTc0MDU1ODExMDEzMyIsIngtYXBpLWtleSI6IjFhMmIzYzRkNWU2ZjdnOGg5aTBqMWsybDNtNG41bzZwIiwib3JpZ2luIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIn0"
}
Response: 201 - The user has been successfully logged in via Twitter