Signature Grant
This article describes how you would verify an authenticated session's wallet address when using the Signature Grant Type.
- Accessing/modifying private user data A user is authenticated on the frontend and wants to view or modify private user data. The server should independently verify the authenticated wallet address prior to allowing access to this data.
The first thing you will need to do is create a Developer App of type Signature Grant. This will give you a
clientId
which will be used on your frontend via the Connect Widget, which handles client-side authentication. Please follow the tutorial for the Connect Widget prior to continuing.In order to verify an authenticated session, you will need to read the session token on your frontend application and pass it back to your backend server.
There are two ways to retrieve the frontend session token
const token = await window.ManifoldEthereumProvider.getOAuth({
grantType: "signature",
appName: "<your app name>",
clientId: "<your app client id>"
});
window.addEventListener('m-authenticated', async (event) => {
// a Manafild Data Client will be provided in the event details
const client = event.detail.client;
const token = client.token;
// do something
})
Once you retrieve the session token on the frontend client, pass it back to your server endpoint.
Here is an example in how to verify a session token in an Express backend server:
app.get('/verify', async (req: any, res: any) => {
const token = req.query.token
const response = await fetch('https://oauth2.manifoldxyz.dev/verify', {
method: "POST",
headers: {
"Content-Type": "application/json",
Accept: "application/json",
},
body: JSON.stringify({
token: token,
}),
});
if (response.status !== 200) return res.sendStatus(403);
const responseJson = await response.json();
const address = responseJson.unwrappedJWT?.address;
if (!address) return res.sendStatus(403);
// You now have the address associated with the authenticated session
// do whatever you need
return res.sendStatus(200);
})
Last modified 10mo ago