Auth API 概览

简介

Auth API提供了一个简单而精简的接口，使应用程序能够通过自动的身份验证消息对钱包用户进行身份验证，以便用钱包登录/登录应用程序。

Context

Auth API would be present in wallets similarly to Sign API where users could establish a connection with a website or app to connect their wallet to sign. However Auth API would be focused exclusively on automatically signing an authentication message on connection request.

Contrary to Sign API where you would establish a connection to expose accounts without knowing if the wallet actually controlled these accounts. Auth API would provide a signed message with pre-defined parameters from the app request to authenticate the wallet user.

This API would be used for wallet users to login in a single step into existing websites or applications that would normally require an email and password login or a social login such as Facebook, Google, etc

Auth API is a one-click passwordless authentication provider for any website or application.

Goals

A user can login or sign-in into any website or application with their blockchain account.

An app does not need to maintain a persisted connection with the wallet once authenticated.

A wallet can evaluate all auth parameters requested to format the message independently.

An authentication message can be used to access resources through OAuth 2.0 or OpenID.