Signature Authentication
How to configure
To enable endpoint which provides you signature authentication, you need to set BARONG_AUTH_METHODS
ENV to signature
If you need to have usual password and signature authentication your env value should look like this password,signature
API Endpoint explanation
Today, system support signature authentication generated only by Polkadot
API call which provides you ability to login with signature POST /api/v2/barong/identity/sessions/signature
Please make sure your signature was generated this (way)[https://polkadot.js.org/docs/keyring/start/sign-verify/]
Be aware, that system supports only signatures generated by ED25519
algorithm
Also, please be aware that you should use nonce
param in milliseconds. You can use barong API endpoint to get current server time GET /api/v2/barong/identity/time
, where time_ms
- your time in milliseconds and time
- server current unix timestamp in seconds
System will check nonce expiration by this ENV variable BARONG_APIKEY_NONCE_LIFETIME
, by default value is 5000
ms (it means that if your nonce was generated more than 5s ago, system will reject such nonce), if you want to have different time for nonce lifetime, you can configure it changing this env value
Useful resources
- https://polkadot.js.org/docs/
- https://wiki.polkadot.network/docs/learn-accounts