Submit Signature

curl --request POST \
  --url https://api.example.com/v1/auth/submit-signature \
  --header 'Content-Type: application/json' \
  --data '
{
  "signature": "<string>",
  "extraData": "<string>"
}
'

{
  "success": true,
  "accessToken": "<string>"
}

POST

auth

submit-signature

Submit Signature

curl --request POST \
  --url https://api.example.com/v1/auth/submit-signature \
  --header 'Content-Type: application/json' \
  --data '
{
  "signature": "<string>",
  "extraData": "<string>"
}
'

{
  "success": true,
  "accessToken": "<string>"
}

Overview

Submit the signed challenge message to receive your JWT access token. The server will verify that:

The signature is valid and recovers to your wallet address
The challenge hasn’t expired (1 minute window)
The HMAC matches the original challenge

Request Body

signature

string

required

The signature of the challenge message. This is the result of signing the message from the challenge with your wallet’s private key. The signature format depends on your wallet library (typically a hex string starting with 0x).

extraData

string

required

The extraData string you received from the Get Message endpoint. This contains the wallet address, expiration time, and HMAC needed to validate your signature.

Response

success

boolean

Always true for successful authentication

accessToken

string

required

Your JWT access token. Include this in the Authorization header for all authenticated API requests. The token expires after 2 hours.Usage:

Authorization: Bearer {accessToken}

{
  "success": true,
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Get Message Create Order

⌘I

API documentation

Authentication

Orders

Withdraw

Portfolio

Submit Signature

Overview

Request Body

Response

API documentation

Authentication

Orders

Withdraw

Portfolio

​Overview

​Request Body

​Response

Overview

Request Body

Response