📜
Authorization
0xPass's JWT Token Scheme
When a user connects their wallet and authenticates themselves, 0xPass provides an authentication token in the form of a JWT.
This provides verifiable proof of wallet ownership and should be used to secure communication between your frontend and backend.
Access tokens are JSON Web Tokens (JWT) which contain the following claims with user information such as:
sid
represents the user's current session ID.sub
corresponds to the user's 0xPass ID.iss
indicates the token issuer, which should always be 0xpass.io.aud
is your project API Key.iat
is the timestamp for when the JWT was issued.exp
is the timestamp when the JWT will expire and become invalid, typically 1 hour after issuance.
You should use the 0xPass JWT to secure the communication between your frontend and backend. For each of these components, you should do the following:
Last modified 2mo ago