Auth API

All user-secured endpoints require a JWT obtained via wallet signature. Provider endpoints require your API key. Amounts are in wei.

Base URL (staging): https://mcap-api-564778804231.us-east4.run.app

Generate Nonce

POST /v1/auth/nonce
{
  "wallet_address": "0x...",
  "provider_id": "<UUID>"
}

The signature section of the request must be a signed message of the following format (using EIP-191 standard):

Sign this message to authenticate with nonce: <nonce>

EVM wallets:

POST /v1/auth/login
{
  "provider_id": "<UUID>",
  "wallet_address": "0x...",
  "signature": "0x...",
  "nonce": "..."
}

Flow wallets (Flow EVM):

POST /v1/auth/login
{
  "provider_id": "<UUID>",
  "wallet_address": "0x...",
  "signature": "...",
  "nonce": "...",
  "wallet_type": "flow",
  "flow_evm_address": "0x...",
  "key_id": 0
}

Response:

{
  "access_token": "...",
  "refresh_token": "...",
  "token_type": "Bearer",
  "expires_in": 604800
}

Get Profile

GET /v1/auth/profile
Authorization: Bearer <jwt>

Refresh Token

POST /v1/auth/refresh
{
  "refresh_token": "...",
  "provider_id": "<UUID>"
}

Logout

POST /v1/auth/logout
Authorization: Bearer <jwt>

Generate Nonce​

Login​

Get Profile​

Refresh Token​

Logout​

Generate Nonce

Login

Get Profile

Refresh Token

Logout