• User Guide
    • Security Notes
      Security Notes
    • Online/Desktop Apps
      • Account Management
        • Create Account
          Create Account
        • Log in to Account
          Log in to Account
        • Backup Seed Phrase
          Backup Seed Phrase
        • Recover Account
          Recover Account
        • Find Out Your Address
          Find Out Your Address
        • Create Personal Alias
          Create Personal Alias
        • Import From Keeper Wallet
          Import From Keeper Wallet
        • Use Ledger Nano Devices With WX Network
          Use Ledger Nano Devices With WX Network
        Account Management
      • Token Management
        • Deposit & Withdraw Tokens
          • Transactions Tab
            Transactions Tab
          Deposit & Withdraw Tokens
        • Create Token
          Create Token
        • Mass Transfer
          Mass Transfer
        • Reissue Token
          Reissue Token
        • Change Reissuable to Not Reissuable
          Change Reissuable to Not Reissuable
        • Burn Token
          Burn Token
        • Sponsored Transaction
          Sponsored Transaction
        • Sponsored Fee
          Sponsored Fee
        • Swap Tokens
          Swap Tokens
        Token Management
      • Investment Tools
        • Stake Tokens
          • How to Get XTN (Quick Guide)
            How to Get XTN (Quick Guide)
          • How to Get USDT/USDC/BTC/ETH (Quick Guide)
            How to Get USDT/USDC/BTC/ETH (Quick Guide)
          Stake Tokens
        • Lambo Investments
          Lambo Investments
        • Algorithmic Trading
          Algorithmic Trading
        Investment Tools
      • Liquidity Pools
        • How to Maximize Passive Income from Liquidity Pools?
          How to Maximize Passive Income from Liquidity Pools?
        • How to Deposit/Withdraw Tokens to/from a Liquidity Pool?
          How to Deposit/Withdraw Tokens to/from a Liquidity Pool?
        • How to Stake/Unstake LP Tokens?
          How to Stake/Unstake LP Tokens?
        • How to Claim LP Staking Reward in WX?
          How to Claim LP Staking Reward in WX?
        • How to Stake WX Token to Boost LP Staking Reward?
          How to Stake WX Token to Boost LP Staking Reward?
        • How to Claim WX Staking Reward?
          How to Claim WX Staking Reward?
        • WX Token Protocol
          WX Token Protocol
        Liquidity Pools
      • Voting
        Voting
      • Advanced Features
        • Script Transaction
          Script Transaction
        • JSON Confirmation
          JSON Confirmation
        Advanced Features
      • Start Trading on WX Network
        Start Trading on WX Network
      Online/Desktop Apps
    • Mobile Apps
      • WX Network App
        WX Network App
      • Waves.Exchange App
        • Account Management
          • Create Account
            Create Account
          • Log in to Account
            Log in to Account
          • Recover Account
            Recover Account
          • Find Out Your Address
            Find Out Your Address
          • Create Personal Alias
            Create Personal Alias
          Account Management
        • Token Management
          • Deposit & Withdraw Tokens
            Deposit & Withdraw Tokens
          • Burn Token
            Burn Token
          Token Management
        • Start Trading on WX Network
          Start Trading on WX Network
        Waves.Exchange App
      • WX Invest App
        WX Invest App
      Mobile Apps
    • Working With MetaMask in Waves Network
      Working With MetaMask in Waves Network
    • WX Referral Program
      WX Referral Program
    User Guide
  • API and Library
    • CCXT
      CCXT
    • Fees
      Fees
    • Payment API
      Payment API
    • Web Auth API
      Web Auth API
    • Gateway API
      • Deposit
        • [Deprecated] GET /v1/deposit/addresses/{currency}
          [Deprecated] GET /v1/deposit/addresses/{currency}
        • GET /v1/deposit/addresses/{currency}/{platform}
          GET /v1/deposit/addresses/{currency}/{platform}
        • GET /v1/deposit/currencies
          GET /v1/deposit/currencies
        • [Deprecated] GET /v1/deposit/currencies/{currency}
          [Deprecated] GET /v1/deposit/currencies/{currency}
        • GET /v1/deposit/currencies/{currency}/{platform}
          GET /v1/deposit/currencies/{currency}/{platform}
        • Terms of Deposit
          Terms of Deposit
        Deposit
      • Withdraw
        • [Deprecated] GET /v1/withdraw/addresses/{currency}/{address}
          [Deprecated] GET /v1/withdraw/addresses/{currency}/{address}
        • GET /v1/withdraw/addresses/{currency}/{address}/{platform}
          GET /v1/withdraw/addresses/{currency}/{address}/{platform}
        • GET /v1/withdraw/currencies
          GET /v1/withdraw/currencies
        • [Deprecated] GET /v1/withdraw/currencies/{currency}
          [Deprecated] GET /v1/withdraw/currencies/{currency}
        • GET /v1/withdraw/currencies/{currency}/{platform}
          GET /v1/withdraw/currencies/{currency}/{platform}
        • Terms of Withdrawal
          Terms of Withdrawal
        Withdraw
      • Movements History
        Movements History
      • Platforms List
        Platforms List
      • Error Codes
        Error Codes
      Gateway API
    • Access Token
      • Get Access Token in WX Network App
        Get Access Token in WX Network App
      • POST /v1/oauth2/token
        POST /v1/oauth2/token
      Access Token
    • Get Trades
      Get Trades
    • Staking Annual Percentage Yield API
      Staking Annual Percentage Yield API
    • Matcher
      • WX Network Protocol
        WX Network Protocol
      • Matcher Fee
        Matcher Fee
      • Install Matcher on Ubuntu From Deb-package
        Install Matcher on Ubuntu From Deb-package
      • Matcher Settings
        Matcher Settings
      • Matcher API
        • Order Validation
          Order Validation
        • Exchange Transation Validation
          Exchange Transation Validation
        Matcher API
      • Matcher WebSocket API
        • Errors and Debugging
          Errors and Debugging
        • Common Streams
          Common Streams
        Matcher WebSocket API
      Matcher
    API and Library
  • Glossary
    Glossary
      • English
      • Русский
      On this page
        • Process
        • Details

          # Web Auth API

          If you want to authorize a user in your service by means of his WX Network account, here's the solution. You can redirect the user to the official WX Network app (https://wx.network (opens new window)) with certain query parameters including some arbitrary data for the user to sign.

          That might be needed in cases when you work with user personal data and want to be sure that a given blockchain account belongs to that user.

          # Process

          1. You add to your site the link as follows:

            https://wx.network#gateway/auth?r=https://example.com&n=ServiceName&d=0123456789abc&i=/img/logo.png&s=/wavesAuth.
            

            where:

            r=https://example.com - URL of your service.

            n=ServiceName - name of your service.

            d=0123456789abc - data signed with user's private key.

            i=/img/logo.png - path to the logo of your service.

            s=/wavesAuth - path to the method that redirects the user when the signature is successful.

          2. The user opens the link and gets redirected to the official WX Network app to login the system.

          3. After logging in the user provides to your site the access to the address and the data is signed with the user's private key.

          4. The user then gets redirected back to your site, along with the signature and user's public key.

          5. You check the validity of the signature against the data provided for the user.

          6. If everything is correct, the user is now authenticated in your service.

          # Details

          Due to the length limitations of the query string all parameters are expressed with one character.

          # Request

          Example

          https://wx.network#gateway/auth?r=https://example.com&n=ServiceName&d=0123456789abc&i=/img/logo.png&s=/wavesAuth
          

          Basic path is https://wx.network#gateway/auth. Then the query parameters go.

          # Referrer

          r=https://example.com — the URL of your service. It should be HTTPS-only. (Required)

          # Name

          n=Service%20Name — the name of your service. (Required)

          # Data

          d=randomChars — the data which is signed by the user's private key. (Required)

          # Icon path

          i=/path/to/the/icon.png — a path relative to the Referrer parameter. It hosts the logo of your app. (Optional)

          # Success path

          s=/path/to/an/API/method — a path to the method which redirects the user while the signing is successful. By default, the user is redirected to the referrer root. (Optional)

          # Debug mode

          debug=true — a flag to display error messages. (Optional)

          # Response

          Example

          https://example.com/?s=2w7QKSkxKEUwCVhx2VGrt5YiYVtAdoBZ8KQcxuNjGfN6n4fi1bn7PfPTnmdygZ6d87WhSXF1B9hW2pSmP7HucVbh&p=2M25DqL2W4rGFLCFadgATboS8EPqyWAN3DjH12AH5Kdr&a=3PCAB4sHXgvtu5NPoen6EXR5yaNbvsEA8Fj
          

          # Signature

          s=base58EncodedSignature — a signature of the data which is signed by the user's private key.

          # Public key

          p=base58EncodedPublicKey — user's public key.

          # Address

          a=base58EncodedAddress — user's WX Network address.

          # How to check signature validity

          Signed data consists of three objects Prefix string + URL host + Provided Data. Signature is taken from the data in the following order: a WavesWalletAuthentication string, then a string with your host parameter value, then a string with your data parameter value. All strings are converted to length bytes + value bytes as in Data Transactions. Prefix string and the host is required for security purposes if malicious service tries to use transaction data and signature from Auth API it would be useless to broadcast into blockchain.

          We also suggest address validation in case the signature and public key is valid but the address was swapped.

          See code examples in the Keeper Wallet API (opens new window) documentation.

          Payment API
          Gateway API
          Payment API
          Gateway API