JWT

Shipl expects to auth token to be included in all secured API requests to the server in a header that looks like the following:

Authorization: Bearer AUTH_TOKEN

The JWT token is generated from the following control flow:

  1. The user submits his phone number and receives a text with a secret

  2. Upon successful completion, a JWT token is created and signed

  3. This token is associated with the user and allows him to make calls to the API

The login method of the Shipl SDK handle the creation/verification of the user and the usage of the auth token which include the automatic refresh. You just have to pass a callback function to enable the Shipl SDK to ask the end-user for the phone number and the code verification. The phone number verification happen only the first time that the user process a meta-transaction. Once the user is registered with the Shipl services the challenge for his login is based on an ethereum signature with his private key.

Endpoint to manage JWT Auth

All the following endpoint start with that: https://mainnet.api.shipl.co or https://testnet.api.shipl.co in testnet mode.

Endpoint

/verify

Verify the phone number code

/refreshToken

Refresh the token

/initiateAuth

Inititate the auth

/respondToAuthChallenge

Respond to the auth challenge

/signup

Start the signup process

/confirmSignup

Confirm the signup

/resendConfirmationCode

Resend the code confirmation

/lookup

Lookup for identity creation

/exist

Check if the address is an existing user

post
Sign-In & Sign-Up

/auth/login
Request
Response
Body Parameters
phoneNumber
required
string
appId
required
string
client
optional
string
username
optional
string
200: OK
{
ChallengeName: 'CUSTOM_CHALLENGE',
Session:
'DoP1_t2XPJuBey5rnuhroF5ahVYc6Dhdd3r7joOqEK2vmBUC8TqfLvOhYzkgyZD3JydDeaB5FqzViOy5KxvXP2rRTSEPXELM6L4yGXYRTGfNWFlr0z-80kwXMRdi4E5JLAcoX6FJ3OOnFNXh5OuVce2cSR4pcxTkDK6j493i44LRbIJ6-m9hQEJ3FHTAPqPIZImMjhsy8tHnlspyvfXsJt5n43pJMwnUFbTB5Tl0t5Jl7pc6B_J7ITC50nnV1xKULbXLKOiGDHOntR5G15F-PAfUb35ZYfOom1CmTOuctOPjUyq6nVoqOQAJOyMZZkmg2bLARV2bRYOiyMEA0BjPjFJCm6kzs44cQ1Q4ciI4f0frGCdE-ltqlTjvuqTJx9xa9KRNU_1gR5ng0sOxA1CVJJRmKqkFW43CIms0-Yu14j9vmdM5QfFAoYByYC-l2fpvkHB08w-lDaoIX-rLxS0_48blWqPRZsgn8KZ9MlsvMzmkgbkQOZjegxsCxLyKHw4K7QCs1Izc8OS0d98kr-c1-9vBK-D6CRpe26mEOHLKBRRp-CebYio4NwvQCZ6mCZDwHccVcDhA0OaX5mD7KT1L0tVn0WWLqQay32uRtm9eK4lAeWyXirqQsMtgljcfhtPgE9fmwNpkiTT45RpGhxoK8PJe99MzbbAr6RDAffEnvJ7uteUiXBfHJ6piKFIqhDakJliCEU-pmwFgkBBkWxkzZE6s4Z1k08ufJYW__CFGFl2Liozm9lcPcgRCixPtzksIp3Edyq2CMQ2wEx_vEJTpdG7u7bgh9hp6Ov99HPmovcZi-Ghf-d9cTle0zS-XM4NiSENF9wK60tdECZj3xsDUqCsACLX-SulrJj3uPJW86aLPo_AKopGqlVl6o3ltq77ZjsbJmzqysk1Pi7Yl14sw6MvfCQIE3K_143rURBu4Pwnpmq1v0PRxQRqQ8xG95wt3PTZH8k5t1vDNeYZeHaX3PN3GM0g-0HupRoKDBC6HuDhWXXXXXXXXXX',
ChallengeParameters: {
USERNAME: '20023f479659bd8ab9b82f5eXXXXXXXX'
},
UserName: '20023f479659bd8ab9b82f5eXXXXXXXX'
}
Node.js
Second Tab
const axios = require('axios')
const phoneNumber = '+3375196XXXX'
const client = 'vaultx'
const appId = '5fc6c72e-db33-4XXX-YYYY-a4227b9ZZZZZ'
axios
.post('https://testnet.api.shipl.co/auth/login', {
phoneNumber,
client,
appId
})
.then(login => {
const info = login.data.data
console.log('login', info)
})

post
Verify

/auth/verify
Request
Response
Body Parameters
phoneNumber
required
string
session
required
string
confirmationCode
required
string
client
optional
string
200: OK
Node.js
Second Tab
const axios = require('axios')
const phoneNumber = '+3375196XXXX'
const client = 'vaultx'
const session = 'YOUR_SESSION'
const confirmationCode = "XXXXXX"
axios.post('https://testnet.api.shipl.co/auth/verify', {
phoneNumber,
client,
session,
confirmationCode
}).then(verify => {
const infoverify = verify.data.data
console.log('verify', infoverify)
Ï})