How to sign in to Boost using Sign-In with Ethereum
'Sign in with Ethereum.'
and a nonce value from the /auth/nonce endpoint should suffice, we recommend the siwe library for JavaScript applications, to ensure all required fields are present.
Here is an example of SIWE message generation using the siwe library:
origin
and user-agent
headers are mandatory, though they are usually included automatically by the browser.accessToken
and a refreshToken
:
accessToken
should be passed as the authorization header value for protected routes.refreshToken
can be stored to allow for re-authentication without another message signature when the accessToken
expires using the /auth/refresh endpoint, which returns a new access token for the given refresh token.refreshToken
can be used to get a new access token without requiring a new SIWE signature from the end user. Refresh tokens expire in 30 days, after which a full login with a new SIWE signature from the end user is required.