Welcome to the Authorization section of the API documentation. This documentation is designed to guide you through the process of authorizing access to our API endpoints. To access the RE:DREAMER API endpoints, you will need either an API key or a JWT token. The authorization method you use will depend on the endpoint you are accessing.
API Key
For most endpoints, you can authorize using an API key. To obtain an API key, please contact our support team at
JWT Token
For endpoints that require user authorization, such as redeeming an NFT, you will need to provide a JWT token in the request header. To obtain a JWT token, follow the instructions outlined in the Login section below.
It is important to keep your API key and JWT token secure, as they provide access to your account and the RE:DREAMER API. Please do not share your API key or JWT token with unauthorized users.
Login
STEP 1: Get a nonce by given address
To start the authorization process, you need to get a nonce by providing a valid address. This nonce will be used to sign your request in the next step. You can make a GET request to the following endpoint to obtain a nonce:
Get a nonce by given address
GET /api/v1/auth/nonce
Query Parameters
The wallet address of the user
Unique identifier of the network. Currently only eth is supported.
Copy {
"nonce": "72452fa3-dbc6-44ae-8108-1dfb7edc1582"
}
Copy {
"code": "ERROR_CODE"
} cURL command
Copy curl --location 'https://testnet-api.redreamer.io/api/v1/auth/nonce?address=${address}' \
--header 'Accept: application/json' Example response
Copy {
"nonce": "72452fa3-dbc6-44ae-8108-1dfb7edc1582"
} STEP 2: Get the signature
After obtaining the nonce, you need to sign the following message by using the private key of the wallet address which will be used to login.
Before you can proceed with the following steps, you will need to install the Metamask extension and create a wallet address.
Click INSPECTOR button in the bottom right corner.
Copy the JSON below and paste it to playground inspector.
Copy {
"jsonrpc": "2.0",
"method": "eth_requestAccounts"
} Click Play button to connect to the wallet. This step will trigger a popup if Metamask wallet extension is installed in the web browser.
Select the wallet that will be connected and click Next button.
Click Connect button to connect the wallet.
Copy the JSON below and paste it to playground inspector.
Copy {
"jsonrpc": "2.0",
"method": "personal_sign",
"params": [
"${address} ${nonce}",
"${address}"
],
"id": 0
} Replace ${address} with the wallet address which will be used for login and replace ${nonce} with the nonce from STEP 1.
Click Play button to sign the message. This step will trigger popup if Metamask wallet extension is installed in the web browser.
Click Sign button in the popup.
In Metamask Playground, see the response payload and get the signature from the result. Example response can be seen below.
Copy {
"jsonrpc": "2.0",
"result": "0xef128476f6e17bc32ead6bddf3daf329c018d03ffc7ebb449c4fc30e36bbb65b20fe38a4303cf718fd1ec1ac675fcea86056d541cd2f88d5bfd2e73e52c2ead21c",
"id": 0
} Build your own web app
In order to sign the message with your own UI. You can follow up the steps mentioned in the following tutorials.
STEP 3: Login to get JWT token
After obtaining the signature from the result of STEP 2, you can make a POST request to the following endpoint to obtain a JWT token.
Login to get JWT
POST /api/v1/auth/login
Request Body
Result from signing the message ${address} ${nonce} by using the wallet private key
Copy
{
"refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHg4NWI3Y2ExNjFjMzExZDlhNWYwMDc3ZDUwNDhjYWRmYWNlODlhMjY3IiwiZXhwIjoxNjUwNDMzNzY4LCJpYXQiOjE2NTAzNDczNjgsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6IiJ9.sMMuM0bCJjHs7DedWZd8w-2BWzovuBuCxgZwMW20TIwKSkrkue2T-9ecgW-8_TCsGoleiQa6DSDbQKq3_kQmjA",
"token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHg4NWI3Y2ExNjFjMzExZDlhNWYwMDc3ZDUwNDhjYWRmYWNlODlhMjY3IiwiZXhwIjoxNjUwMzUwOTY4LCJpYXQiOjE2NTAzNDczNjgsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6IiJ9.WWjCMbpWkpbzQulgqOQz5JqnC1lTEFG2_CTeFW21A8q7AKeEI_l2_ptqiG7lpcOCmojFW_3Zi3VAimO1k214cw"
} cURL command
Copy curl --location 'https://testnet-api.redreamer.io/api/v1/auth/login' \
--header 'Accept: application/json' \
--header 'Content-Type: text/plain' \
--data '{
"address": "${address}",
"signature": "${signature}"
}' Example response
Copy {
"token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHhmZDM2NGRmMGZkNGE2NTNiNTA5NTVlMGI1NGIyM2I0MTJkOGEyOThlIiwiZXhwIjoxNjc2ODg1ODk4LCJpYXQiOjE2NzY4ODIyOTgsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6ImNvbnNvbGU6cGFzc3BvcnQ6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnBhc3Nwb3J0OmNhbXBhaWduOndyaXRlLGNvbnNvbGU6cGFzc3BvcnQ6cmVwb3J0OnJlYWQsY29uc29sZTpyZWRlZW1jZW50ZXI6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnJlZGVlbWNlbnRlcjpjYW1wYWlnbjp3cml0ZSxjb25zb2xlOnJlZGVlbWNlbnRlcjpyZXBvcnQ6cmVhZCxjb25zb2xlOm1ldGFkYXRhOnJlYWQsY29uc29sZTptZXRhZGF0YTp3cml0ZSxjb25zb2xlOmFwaWtleTpyZWFkLGNvbnNvbGU6YXBpa2V5OndyaXRlLGNvbnNvbGU6cmV2ZXJzZTpyZWFkLGNvbnNvbGU6cmV2ZXJzZTp3cml0ZSJ9.JUmCvcJuxdUx1rljJXV_Y6A-Am4Rha8Aur9KBjFOebbCfdaDkhUiXtpkcdh3IKE7dhBMSouRmkHwKputDccgDw",
"refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHhmZDM2NGRmMGZkNGE2NTNiNTA5NTVlMGI1NGIyM2I0MTJkOGEyOThlIiwiZXhwIjoxNjc2OTY4Njk4LCJpYXQiOjE2NzY4ODIyOTgsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6ImNvbnNvbGU6cGFzc3BvcnQ6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnBhc3Nwb3J0OmNhbXBhaWduOndyaXRlLGNvbnNvbGU6cGFzc3BvcnQ6cmVwb3J0OnJlYWQsY29uc29sZTpyZWRlZW1jZW50ZXI6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnJlZGVlbWNlbnRlcjpjYW1wYWlnbjp3cml0ZSxjb25zb2xlOnJlZGVlbWNlbnRlcjpyZXBvcnQ6cmVhZCxjb25zb2xlOm1ldGFkYXRhOnJlYWQsY29uc29sZTptZXRhZGF0YTp3cml0ZSxjb25zb2xlOmFwaWtleTpyZWFkLGNvbnNvbGU6YXBpa2V5OndyaXRlLGNvbnNvbGU6cmV2ZXJzZTpyZWFkLGNvbnNvbGU6cmV2ZXJzZTp3cml0ZSJ9.7a1sBY5UNPetRW1hKKDUMu-G6zp9Go9xbL28VE_TlLdyQ12KiNSO2Ry30vJXoCxHRoHSq3ficc6Akc3QVA8CUw"
} Refresh token
In order to continue using the RE:DREAMER API after the JWT (JSON Web Token) has expired, you must refresh the token.
The JWT is valid for 1 hour and the refresh token is valid for 24 hours.
Refresh token
To refresh the token, send a POST request to the following endpoint:
Refresh JWT
POST /api/v1/auth/refresh
Request Body
The refresh token provided in the previous login step.
Copy {
"refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHg4NWI3Y2ExNjFjMzExZDlhNWYwMDc3ZDUwNDhjYWRmYWNlODlhMjY3IiwiZXhwIjoxNjUwNDMzNzY4LCJpYXQiOjE2NTAzNDczNjgsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6IiJ9.sMMuM0bCJjHs7DedWZd8w-2BWzovuBuCxgZwMW20TIwKSkrkue2T-9ecgW-8_TCsGoleiQa6DSDbQKq3_kQmjA",
"token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHg4NWI3Y2ExNjFjMzExZDlhNWYwMDc3ZDUwNDhjYWRmYWNlODlhMjY3IiwiZXhwIjoxNjUwMzUwOTY4LCJpYXQiOjE2NTAzNDczNjgsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6IiJ9.WWjCMbpWkpbzQulgqOQz5JqnC1lTEFG2_CTeFW21A8q7AKeEI_l2_ptqiG7lpcOCmojFW_3Zi3VAimO1k214cw"
} If the refresh token is not valid, the API will respond with an error message indicating that the token is invalid or has expired. In this case, you will need to re-authenticate by logging in again.
cURL command
Copy curl --location 'https://testnet-api.redreamer.io/api/v1/auth/refresh' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"refresh_token": "${refresh_token}"
}' Example response
Copy {
"token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHhmZDM2NGRmMGZkNGE2NTNiNTA5NTVlMGI1NGIyM2I0MTJkOGEyOThlIiwiZXhwIjoxNjc2ODg2MTU3LCJpYXQiOjE2NzY4ODI1NTcsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6ImNvbnNvbGU6cGFzc3BvcnQ6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnBhc3Nwb3J0OmNhbXBhaWduOndyaXRlLGNvbnNvbGU6cGFzc3BvcnQ6cmVwb3J0OnJlYWQsY29uc29sZTpyZWRlZW1jZW50ZXI6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnJlZGVlbWNlbnRlcjpjYW1wYWlnbjp3cml0ZSxjb25zb2xlOnJlZGVlbWNlbnRlcjpyZXBvcnQ6cmVhZCxjb25zb2xlOm1ldGFkYXRhOnJlYWQsY29uc29sZTptZXRhZGF0YTp3cml0ZSxjb25zb2xlOmFwaWtleTpyZWFkLGNvbnNvbGU6YXBpa2V5OndyaXRlLGNvbnNvbGU6cmV2ZXJzZTpyZWFkLGNvbnNvbGU6cmV2ZXJzZTp3cml0ZSJ9.-2gZ9vUuLJRLhXH7sD37EiemQkgcdX3BmN2VNExiJpM9oAQiYuzOm00AzatjkHSi9alMV7FYq9DmIO8zicTj9A",
"refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHhmZDM2NGRmMGZkNGE2NTNiNTA5NTVlMGI1NGIyM2I0MTJkOGEyOThlIiwiZXhwIjoxNjc2OTY4OTU3LCJpYXQiOjE2NzY4ODI1NTcsImlzcyI6InJlZHJlYW1lciIsInNjb3BlcyI6ImNvbnNvbGU6cGFzc3BvcnQ6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnBhc3Nwb3J0OmNhbXBhaWduOndyaXRlLGNvbnNvbGU6cGFzc3BvcnQ6cmVwb3J0OnJlYWQsY29uc29sZTpyZWRlZW1jZW50ZXI6Y2FtcGFpZ246cmVhZCxjb25zb2xlOnJlZGVlbWNlbnRlcjpjYW1wYWlnbjp3cml0ZSxjb25zb2xlOnJlZGVlbWNlbnRlcjpyZXBvcnQ6cmVhZCxjb25zb2xlOm1ldGFkYXRhOnJlYWQsY29uc29sZTptZXRhZGF0YTp3cml0ZSxjb25zb2xlOmFwaWtleTpyZWFkLGNvbnNvbGU6YXBpa2V5OndyaXRlLGNvbnNvbGU6cmV2ZXJzZTpyZWFkLGNvbnNvbGU6cmV2ZXJzZTp3cml0ZSJ9.Dlw2lJJUFMQnXlmSM-xvyuKzELBZycb6Y-R2z8XAUS64HIB4oGPZTerBxa613vcCWopwaZOswj_y96ZNsGSo9A"
} 