Patch Wallet API
  • 👋Welcome to the Patch Docs
  • API
    • ▶️Overview
    • Go to Postman Collection
    • App Authentication
    • User Authentication
    • Resolver API
    • Kernel Account API
    • ENS Resolver (usr.id)
    • Networks Supported
    • Errors
  • Other
    • Admin
      • 🚧 🚧 🚧 Patch Maintenance 🚧 🚧 🚧
    • Other
      • 🏗️Request for Projects
      • Base Account API [DEPRECATED]
      • DustSweeper API [WIP]
      • Safe Account API
        • Accounts
        • Send Transactions
        • View Transaction Status
  • Protocol
Powered by GitBook
On this page
  • Use native Patch auth
  • Trigger auth server to send verification token
  • Verify the code
  • Use your own auth
  1. API

User Authentication

PreviousApp AuthenticationNextResolver API

Last updated 1 year ago

All endpoints that require a Patch wallet signature, like to send transactions or sign a message, must go through user authentication. That includes the following endpoints:

  • Kernel Account API

There are 2 ways for Apps to authenticate users:

Use native Patch auth

Due to the OAuth agreement and other restrictions, we only have Phone Number auth at this moment, other native auth are coming soon.

Phone Number

  1. Trigger our auth server to send a verification token to a phone number

curl -L -X POST 'https://auth.paymagicapi.com/functions/v1/signInWithOTP' 
    --data '{"phone":"+1xxxxxxxxxx"}'

  • Our server will send a SMS with 6 digit verification code to the phone number

Trigger auth server to send verification token

POST https://auth.paymagicapi.com/functions/v1/signInWithOTP

Request Body

Name
Type
Description

phone*

String

US/Canada phone number with +1 area code

  1. Verify the code to get JWT token for transation authentication

curl -L -X POST 'https://auth.paymagicapi.com/functions/v1/verifyOTP' 
    --data '{"phone":"+1xxxxxxxxxx","token":"xxxxxx"}'

Verify the code

POST https://auth.paymagicapi.com/functions/v1/verifyOTP

Request Body

Name
Type
Description

phone*

String

US/Canada phone number with +1 area code

token*

String

6 digit code from SMS

Use your own auth

  1. On Discord, request a client_id and client_secret

  2. Tell us what type of auth provider you're using and we'll create a custom Lit Action for signing.

  3. Pass the specified data through the auth parameter on any Wallet API endpoints. During testing, you can leave the auth parameter blank.

curl --location 'https://paymagicapi.com/v1/kernel/tx' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{access_token}}' \
--data '{
    "userId": "twitter:elonmusk",
    "chain": "matic",
    "to": ["0x2791Bca1f2de4661ED88A30C99A7a9449Aa84174"],
    "value": ["0"],
    "data": ["0xa9059cbb000000000000000000000000a969E3D8b4A376a59B15C70f29Deb08fbFab07810000000000000000000000000000000000000000000000000000000000002710"],
    "auth": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJhdXRoZW50aWNhdGVkIiwiZXhwIjoxNjc5NDYwODQ2LCJzdWIiOiI4YTFlODg2YS0xNmRjLTRlM2ItODg5MS04MWFiMjk3M2U5NjIiLCJlbWFpbCI6Imdlc2FnYTM0NzlAa2F1ZGF0LmNvbSIsInBob25lIjoiIiwiYXBwX21ldGFkYXRhIjp7InByb3ZpZGVyIjoiZW1haWwiLCJwcm92aWRlcnMiOlsiZW1haWwiXX0sInVzZXJfbWV0YWRhdGEiOnt9LCJyb2xlIjoiYXV0aGVudGljYXRlZCIsImFhbCI6ImFhbDEiLCJhbXIiOlt7Im1ldGhvZCI6Im90cCIsInRpbWVzdGFtcCI6MTY3OTQ1NzI0Nn1dLCJzZXNzaW9uX2lkIjoiMGRhMmQ4YmUtY2FiYS00MGRhLWE5ZTctOTliMjNlZmE4ZWExIn0.lfjj6YbJoCRSXRgW9vPg6Un0ck0NiBH6S97_gXUGKUE"
}'

Use native Patch auth:

  • Twitter

  • Email

  • Phone number

  • Github

Use your own auth:

  • Use Auth0, Clerk.com, or another service to authenticate users. Then push transactions through their wallets.

  • You get to choose your provider name like uniswap, meta, or yourname.