Verify EVM challenge

curl --request POST \
  --url https://authapi.moralis.io/challenge/verify/evm \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "message": "defi.finance wants you to sign in with your Ethereum account:\n0xAb5801a7D398351b8bE11C439e05C5B3259aeC9B\n\n\nURI: https://defi.finance\nVersion: 1\nChain ID: 1\nNonce: Px7Nh1RPzlCLwqgOb\nIssued At: 2022-11-30T10:20:00.262Z",
  "signature": "0xa8f89a58bf9b433d3100f9e41ee35b5e31fb8c7cd62547acb113162ec6f2e4140207e2dfbd4e387e1801ebc7f08a9dd105ac1d22b2e2ff0df5fa8b6d9bdcfe491c"
}
'

{
  "id": "fRyt67D3eRss3RrX",
  "domain": "defi.finance",
  "uri": "https://defi.finance/",
  "version": "1.0",
  "nonce": "0x1234567890abcdef0123456789abcdef1234567890abcdef",
  "profileId": "0xbfbcfab169c67072ff418133124480fea02175f1402aaa497daa4fd09026b0e1",
  "chainId": 1,
  "address": "0xAb5801a7D398351b8bE11C439e05C5B3259aeC9B",
  "statement": "Please confirm",
  "expirationTime": "2020-01-01T00:00:00.000Z",
  "notBefore": "2020-01-01T00:00:00.000Z",
  "resources": [
    "https://docs.moralis.io/"
  ]
}

POST

challenge

verify

evm

Verify EVM challenge

curl --request POST \
  --url https://authapi.moralis.io/challenge/verify/evm \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "message": "defi.finance wants you to sign in with your Ethereum account:\n0xAb5801a7D398351b8bE11C439e05C5B3259aeC9B\n\n\nURI: https://defi.finance\nVersion: 1\nChain ID: 1\nNonce: Px7Nh1RPzlCLwqgOb\nIssued At: 2022-11-30T10:20:00.262Z",
  "signature": "0xa8f89a58bf9b433d3100f9e41ee35b5e31fb8c7cd62547acb113162ec6f2e4140207e2dfbd4e387e1801ebc7f08a9dd105ac1d22b2e2ff0df5fa8b6d9bdcfe491c"
}
'

{
  "id": "fRyt67D3eRss3RrX",
  "domain": "defi.finance",
  "uri": "https://defi.finance/",
  "version": "1.0",
  "nonce": "0x1234567890abcdef0123456789abcdef1234567890abcdef",
  "profileId": "0xbfbcfab169c67072ff418133124480fea02175f1402aaa497daa4fd09026b0e1",
  "chainId": 1,
  "address": "0xAb5801a7D398351b8bE11C439e05C5B3259aeC9B",
  "statement": "Please confirm",
  "expirationTime": "2020-01-01T00:00:00.000Z",
  "notBefore": "2020-01-01T00:00:00.000Z",
  "resources": [
    "https://docs.moralis.io/"
  ]
}

Authorizations

X-API-Key

string

header

required

Body

application/json

Verify EVM challenge message.

message

string

required

Message that needs to be signed by the end user.

Example:

"defi.finance wants you to sign in with your Ethereum account:\n0xAb5801a7D398351b8bE11C439e05C5B3259aeC9B\n\n\nURI: https://defi.finance\nVersion: 1\nChain ID: 1\nNonce: Px7Nh1RPzlCLwqgOb\nIssued At: 2022-11-30T10:20:00.262Z"

signature

string

required

EIP-191 compliant signature signed by the Ethereum account address requesting authentication.

Example:

"0xa8f89a58bf9b433d3100f9e41ee35b5e31fb8c7cd62547acb113162ec6f2e4140207e2dfbd4e387e1801ebc7f08a9dd105ac1d22b2e2ff0df5fa8b6d9bdcfe491c"

Response

201 - application/json

The token to be used to call the third party API from the client

string

required

17-characters Alphanumeric string Secret Challenge ID used to identify this particular request. Is should be used at the backend of the calling service to identify the completed request.

Required string length: 8 - 64

Example:

"fRyt67D3eRss3RrX"

domain

string<hostname>

required

RFC 4501 dns authority that is requesting the signing.

Example:

"defi.finance"

uri

string<uri>

required

RFC 3986 URI referring to the resource that is the subject of the signing (as in the subject of a claim).

Example:

"https://defi.finance/"

version

string

required

EIP-155 Chain ID to which the session is bound, and the network where Contract Accounts must be resolved.

Example:

"1.0"

nonce

string

required

Example:

"0x1234567890abcdef0123456789abcdef1234567890abcdef"

profileId

string

required

Unique identifier with a length of 66 characters

Example:

"0xbfbcfab169c67072ff418133124480fea02175f1402aaa497daa4fd09026b0e1"

chainId

enum<string>

required

EIP-155 Chain ID to which the session is bound, and the network where Contract Accounts must be resolved.

Available options:

1,

5,

10,

25,

56,

97,

100,

137,

250,

338,

420,

1284,

1285,

1287,

1337,

8453,

10200,

43113,

43114,

80001,

80002,

84531,

88882,

88888,

11155111

Example:

1

address

string

required

Ethereum address performing the signing conformant to capitalization encoded checksum specified in EIP-55 where applicable.

Example:

"0xAb5801a7D398351b8bE11C439e05C5B3259aeC9B"

statement

string

Human-readable ASCII assertion that the user will sign, and it must not contain .

Example:

"Please confirm"

expirationTime

string<date-time>

ISO 8601 datetime string that, if present, indicates when the signed authentication message is no longer valid.

Example:

"2020-01-01T00:00:00.000Z"

notBefore

string<date-time>

ISO 8601 datetime string that, if present, indicates when the signed authentication message will become valid.

Example:

"2020-01-01T00:00:00.000Z"

resources

string[]

List of information or references to information the user wishes to have resolved as part of authentication by the relying party. They are expressed as RFC 3986 URIs separated by `

Example:

["https://docs.moralis.io/"]

Request EVM challenge Request Solana challenge

⌘I

API Reference

Authorizations

Body

Response