Signature Authentication

How to configure

To enable endpoint which provides you signature authentication, you need to set BARONG_AUTH_METHODS ENV to signature
If you need to have usual password and signature authentication your env value should look like this password,signature

API Endpoint explanation

Today, system support signature authentication generated only by Polkadot

API call which provides you ability to login with signature POST /api/v2/barong/identity/sessions/signature

Please make sure your signature was generated this (way)[https://polkadot.js.org/docs/keyring/start/sign-verify/]

Be aware, that system supports only signatures generated by ED25519 algorithm

Also, please be aware that you should use nonce param in milliseconds. You can use barong API endpoint to get current server time GET /api/v2/barong/identity/time, where time_ms - your time in milliseconds and time - server current unix timestamp in seconds

System will check nonce expiration by this ENV variable BARONG_APIKEY_NONCE_LIFETIME, by default value is 5000 ms (it means that if your nonce was generated more than 5s ago, system will reject such nonce), if you want to have different time for nonce lifetime, you can configure it changing this env value

Useful resources

  • https://polkadot.js.org/docs/
  • https://wiki.polkadot.network/docs/learn-accounts