Auth

Using the EIP-4361 (Sign-In with Ethereum) standard, you can authenticate users to your backend using only their wallet. This is a secure and easy way to authenticate users without requiring them to create an additional account.

Usage

Client Functions

import { signLoginPayload } from "thirdweb/auth";

// 1. fetch a login payload from your server
const result = await fetch(...);
const loginPayload = await result.json();

// 2. sign the login payload with the user's account
const signature = await signLoginPayload({ payload: loginPayload, account });

// 3. send the login payload and signature to your server
// (a separate variable: `result` is already declared above)
const verifyResult = await fetch(...);
const verifiedPayload = await verifyResult.json();

How you store and maintain a user session is up to you, but our recommended approach is to store a JWT in a cookie that is verified on the server. The server functions below include utility functions to generate and verify the JWT.

Server Functions

import { createAuth } from "thirdweb/auth";

const auth = createAuth({
  domain: "localhost:3000",
  clientId: "1234567890", // get yours at https://thirdweb.com/dashboard/settings/api-keys
});

// 1. generate a login payload for a client on the server side
const loginPayload = await auth.generatePayload({
  address: "0x123...",
});

// 2. send the login payload to the client to sign

// 3. verify the login payload and signature that the client sends back later
const verifiedPayload = await auth.verifyPayload({
  payload: loginPayload,
  signature: "0x123...",
});

// 4. generate a JWT for the client
const jwt = await auth.generateJWT({ payload: verifiedPayload });

// 5. set the JWT as a cookie or otherwise provide it to the client

// 6. authenticate the client based on the JWT on subsequent calls
const { valid, parsedJWT } = await auth.verifyJWT({ jwt });
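
Server-side bookkeeping around steps 1 and 3 above, as an added example that is not thirdweb's code: it records each issued payload so a returned payload is accepted once, only for this domain and address, and only before the expiry the server set. `LoginPayloadTracker`, its methods and the sample values are hypothetical, and the snake_case field names are assumed to mirror the EIP-4361 message fields; signature verification itself is still done by `auth.verifyPayload`.

```javascript
// Hypothetical helper, not part of thirdweb. Payload field names are assumed
// to mirror the EIP-4361 message fields (domain, address, nonce, expiration_time).
class LoginPayloadTracker {
  constructor(expectedDomain) {
    this.expectedDomain = expectedDomain;
    this.pending = new Map(); // nonce -> what the server actually issued
  }
  // Call right after generating a payload, before sending it to the client.
  remember(payload) {
    this.pending.set(payload.nonce, {
      address: payload.address.toLowerCase(),
      expiresAt: Date.parse(payload.expiration_time), // NaN fails closed below
    });
  }
  // Call on the payload the client sends back, alongside signature verification.
  consume(payload, now = Date.now()) {
    const fail = (reason) => ({ ok: false, reason });
    const issued = this.pending.get(payload.nonce);
    if (!issued) return fail("unknown-or-reused-nonce");
    this.pending.delete(payload.nonce); // single use, even if a check below fails
    if (payload.domain !== this.expectedDomain) return fail("domain-mismatch");
    if (String(payload.address).toLowerCase() !== issued.address) return fail("address-mismatch");
    // Compare against the expiry the server recorded, not the client's copy.
    if (!(now < issued.expiresAt)) return fail("expired");
    return { ok: true };
  }
}

// Constructed sample payload (not real data).
const samplePayload = {
  domain: "localhost:3000",
  address: "0x00000000000000000000000000000000000000AA",
  nonce: "constructed-nonce-1",
  expiration_time: "2030-01-01T00:00:00.000Z",
};

function demo() {
  const tracker = new LoginPayloadTracker("localhost:3000");
  const now = Date.parse("2029-12-31T23:50:00.000Z");
  tracker.remember(samplePayload);
  const first = tracker.consume(samplePayload, now);
  const replay = tracker.consume(samplePayload, now); // same nonce again
  tracker.remember(samplePayload);
  const wrongDomain = tracker.consume({ ...samplePayload, domain: "other.example" }, now);
  tracker.remember(samplePayload);
  const late = tracker.consume(samplePayload, Date.parse("2030-01-02T00:00:00.000Z"));
  return { first, replay, wrongDomain, late };
}
```

The in-memory `Map` only works for a single server process; with several instances the pending nonces need a shared store with a TTL.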

Example Repos

Auth + Next.js

A working example of Auth + Next.js

Auth + Express

A working example of a React + Express app using Auth