Authorization
Welcome to the Authorization section of the API documentation. This documentation is designed to guide you through the process of authorizing access to our API endpoints. To access the RE:DREAMER API endpoints, you will need either an API key or a JWT token. The authorization method you use will depend on the endpoint you are accessing.
- API Key For most endpoints, you can authorize using an API key. To obtain an API key, please contact our support team at [email protected].
- JWT Token For endpoints that require user authorization, such as redeeming an NFT, you will need to provide a JWT token in the request header. To obtain a JWT token, follow the instructions outlined in the Login section below.
It is important to keep your API key and JWT token secure, as they provide access to your account and the RE:DREAMER API. Please do not share your API key or JWT token with unauthorized users.
To start the authorization process, you need to get a nonce by providing a valid address. This nonce will be used to sign your request in the next step. You can make a GET request to the following endpoint to obtain a nonce:
get
/api/v1/auth/nonce
Get a nonce by given address
Parameters
Query
address*
The wallet address of the user
network*
Unique identifier of the network. Currently only
eth
is supported.Responses
200: OK
400: Bad Request
curl --location 'https://testnet-api.redreamer.io/api/v1/auth/nonce?address=${address}' \
--header 'Accept: application/json'
{
"nonce": "72452fa3-dbc6-44ae-8108-1dfb7edc1582"
}
After obtaining the nonce, you need to sign the following message by using the private key of the wallet address which will be used to login.
${address} ${nonce}
Before you can proceed with the following steps, you will need to install the Metamask extension and create a wallet address.
You can sign the message without building the UI by using Metamask Playground. Please follow these steps:
- 1.
- 2.Click INSPECTOR button in the bottom right corner.
- 3.Copy the JSON below and paste it to playground inspector.{"jsonrpc": "2.0","method": "eth_requestAccounts"}
- 4.Click Play button to connect to the wallet. This step will trigger a popup if Metamask wallet extension is installed in the web browser.
- 5.Select the wallet that will be connected and click Next button.
- 6.Click Connect button to connect the wallet.
- 7.Copy the JSON below and paste it to playground inspector.{"jsonrpc": "2.0","method": "personal_sign","params": ["${address} ${nonce}","${address}"],"id": 0}
- 8.Replace
${address}
with the wallet address which will be used for login and replace${nonce}
with the nonce from STEP 1. - 9.Click Play button to sign the message. This step will trigger popup if Metamask wallet extension is installed in the web browser.
- 10.Click Sign button in the popup.
- 11.In Metamask Playground, see the response payload and get the signature from the
result
. Example response can be seen below.{"jsonrpc": "2.0","result": "0xef128476f6e17bc32ead6bddf3daf329c018d03ffc7ebb449c4fc30e36bbb65b20fe38a4303cf718fd1ec1ac675fcea86056d541cd2f88d5bfd2e73e52c2ead21c","id": 0}
In order to sign the message with your own UI. You can follow up the steps mentioned in the following tutorials.
For managing multiple wallets, e.g. Metamask, Gnosis, Coinbase wallet, we recommend to use web3-react packages which is developed by Uniswap.
After obtaining the signature from the
result
of STEP 2, you can make a POST request to the following endpoint to obtain a JWT token.post
/api/v1/auth/login
Login to get JWT
Parameters
Body
address*
The address of the user
signature*
Result from signing the message
${address} ${nonce}
by using the wallet private keyResponses
200: OK
curl --location 'https://testnet-api.redreamer.io/api/v1/auth/login' \
--header 'Accept: application/json' \
--header 'Content-Type: text/plain' \
--data '{
"address": "${address}",
"signature": "${signature}"
}'
{
"token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHhmZDM2NGRmMGZkNGE2NTNiNTA5NTVlMGI1NGIyM2I0MTJkOGEyOThlIiwiZXhwIjoxNjc2ODg1ODk4LCJpYXQiOjE2NzY4ODIyOTgsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6ImNvbnNvbGU6cGFzc3BvcnQ6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnBhc3Nwb3J0OmNhbXBhaWduOndyaXRlLGNvbnNvbGU6cGFzc3BvcnQ6cmVwb3J0OnJlYWQsY29uc29sZTpyZWRlZW1jZW50ZXI6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnJlZGVlbWNlbnRlcjpjYW1wYWlnbjp3cml0ZSxjb25zb2xlOnJlZGVlbWNlbnRlcjpyZXBvcnQ6cmVhZCxjb25zb2xlOm1ldGFkYXRhOnJlYWQsY29uc29sZTptZXRhZGF0YTp3cml0ZSxjb25zb2xlOmFwaWtleTpyZWFkLGNvbnNvbGU6YXBpa2V5OndyaXRlLGNvbnNvbGU6cmV2ZXJzZTpyZWFkLGNvbnNvbGU6cmV2ZXJzZTp3cml0ZSJ9.JUmCvcJuxdUx1rljJXV_Y6A-Am4Rha8Aur9KBjFOebbCfdaDkhUiXtpkcdh3IKE7dhBMSouRmkHwKputDccgDw",
"refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHhmZDM2NGRmMGZkNGE2NTNiNTA5NTVlMGI1NGIyM2I0MTJkOGEyOThlIiwiZXhwIjoxNjc2OTY4Njk4LCJpYXQiOjE2NzY4ODIyOTgsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6ImNvbnNvbGU6cGFzc3BvcnQ6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnBhc3Nwb3J0OmNhbXBhaWduOndyaXRlLGNvbnNvbGU6cGFzc3BvcnQ6cmVwb3J0OnJlYWQsY29uc29sZTpyZWRlZW1jZW50ZXI6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnJlZGVlbWNlbnRlcjpjYW1wYWlnbjp3cml0ZSxjb25zb2xlOnJlZGVlbWNlbnRlcjpyZXBvcnQ6cmVhZCxjb25zb2xlOm1ldGFkYXRhOnJlYWQsY29uc29sZTptZXRhZGF0YTp3cml0ZSxjb25zb2xlOmFwaWtleTpyZWFkLGNvbnNvbGU6YXBpa2V5OndyaXRlLGNvbnNvbGU6cmV2ZXJzZTpyZWFkLGNvbnNvbGU6cmV2ZXJzZTp3cml0ZSJ9.7a1sBY5UNPetRW1hKKDUMu-G6zp9Go9xbL28VE_TlLdyQ12KiNSO2Ry30vJXoCxHRoHSq3ficc6Akc3QVA8CUw"
}
In order to continue using the RE:DREAMER API after the JWT (JSON Web Token) has expired, you must refresh the token.
The JWT is valid for 1 hour and the refresh token is valid for 24 hours.
To refresh the token, send a POST request to the following endpoint:
post
/api/v1/auth/refresh
Refresh JWT
Parameters
Body
refresh_token*
The refresh token provided in the previous login step.
Responses
200: OK
If the refresh token is not valid, the API will respond with an error message indicating that the token is invalid or has expired. In this case, you will need to re-authenticate by logging in again.
curl --location 'https://testnet-api.redreamer.io/api/v1/auth/refresh' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"refresh_token": "${refresh_token}"
}'
{
"token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHhmZDM2NGRmMGZkNGE2NTNiNTA5NTVlMGI1NGIyM2I0MTJkOGEyOThlIiwiZXhwIjoxNjc2ODg2MTU3LCJpYXQiOjE2NzY4ODI1NTcsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6ImNvbnNvbGU6cGFzc3BvcnQ6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnBhc3Nwb3J0OmNhbXBhaWduOndyaXRlLGNvbnNvbGU6cGFzc3BvcnQ6cmVwb3J0OnJlYWQsY29uc29sZTpyZWRlZW1jZW50ZXI6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnJlZGVlbWNlbnRlcjpjYW1wYWlnbjp3cml0ZSxjb25zb2xlOnJlZGVlbWNlbnRlcjpyZXBvcnQ6cmVhZCxjb25zb2xlOm1ldGFkYXRhOnJlYWQsY29uc29sZTptZXRhZGF0YTp3cml0ZSxjb25zb2xlOmFwaWtleTpyZWFkLGNvbnNvbGU6YXBpa2V5OndyaXRlLGNvbnNvbGU6cmV2ZXJzZTpyZWFkLGNvbnNvbGU6cmV2ZXJzZTp3cml0ZSJ9.-2gZ9vUuLJRLhXH7sD37EiemQkgcdX3BmN2VNExiJpM9oAQiYuzOm00AzatjkHSi9alMV7FYq9DmIO8zicTj9A",
"refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHhmZDM2NGRmMGZkNGE2NTNiNTA5NTVlMGI1NGIyM2I0MTJkOGEyOThlIiwiZXhwIjoxNjc2OTY4OTU3LCJpYXQiOjE2NzY4ODI1NTcsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6ImNvbnNvbGU6cGFzc3BvcnQ6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnBhc3Nwb3J0OmNhbXBhaWduOndyaXRlLGNvbnNvbGU6cGFzc3BvcnQ6cmVwb3J0OnJlYWQsY29uc29sZTpyZWRlZW1jZW50ZXI6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnJlZGVlbWNlbnRlcjpjYW1wYWlnbjp3cml0ZSxjb25zb2xlOnJlZGVlbWNlbnRlcjpyZXBvcnQ6cmVhZCxjb25zb2xlOm1ldGFkYXRhOnJlYWQsY29uc29sZTptZXRhZGF0YTp3cml0ZSxjb25zb2xlOmFwaWtleTpyZWFkLGNvbnNvbGU6YXBpa2V5OndyaXRlLGNvbnNvbGU6cmV2ZXJzZTpyZWFkLGNvbnNvbGU6cmV2ZXJzZTp3cml0ZSJ9.Dlw2lJJUFMQnXlmSM-xvyuKzELBZycb6Y-R2z8XAUS64HIB4oGPZTerBxa613vcCWopwaZOswj_y96ZNsGSo9A"
}
Last modified 5mo ago