Auth

Using EIP-4361 (Sign in with Ethererum) standard, you can authenticate users to your backend using only their wallet. This is a secure and easy way to authenticate users without requiring them to create an additional account.

import { signLoginPayload } from 'thirdweb/auth';
 
// 1. fetch a login payload from your server
const result = await fetch(...);
const loginPayload = await result.json();
 
// 2. sign the login payload with the user's account
const signature = await signLoginPayload({ payload: loginPayload, account });
 
// 3. send the login payload and signature to your server
const result = await fetch(...);
const verifiedPayload = await result.json();

How you store and maintain a user session is up to you, but our recommended approach is to store a JWT token in a cookie that is verified on the server. The server functions below include utility functions to generate and verify the JWT.

import { createAuth } from "thirdweb/auth";
 
const auth = createAuth({
  domain: "localhost:3000",
  clientId: "1234567890", // get yours at https://thirdweb.com/dashboard/settings/api-keys
});
 
// 1. generate a login payload for a client on the server side
const loginPayload = await auth.generatePayload({
  address: "0x123...",
});
 
// 2. send the login payload to the client to sign
 
// 3. verify the login payload and signature that the client sends back later
const verifiedPayload = await auth.verifyPayload({
  payload: loginPayload,
  signature: "0x123...",
});
 
// 4. generate a JWT for the client
const jwt = await auth.generateJWT({ payload: verifiedPayload });
 
// 5. set the JWT as a cookie or otherwise provide it to the client
 
// 6. authenticate the client based on the JWT on subsequent calls
const { valid, parsedJWT } = await auth.verifyJWT({ jwt });