0xPass
Search
⌃K
📜

Authorization

0xPass's JWT Token Scheme

Overview

When a user connects their wallet and authenticates themselves, 0xPass provides an authentication token in the form of a JWT.
This provides verifiable proof of wallet ownership and should be used to secure communication between your frontend and backend.

​

Access Token

Access tokens are JSON Web Tokens (JWT) which contain the following claims with user information such as:
  • sid represents the user's current session ID.
  • sub corresponds to the user's 0xPass ID.
  • iss indicates the token issuer, which should always be 0xpass.io.
  • aud is your project API Key.
  • iat is the timestamp for when the JWT was issued.
  • exp is the timestamp when the JWT will expire and become invalid, typically 1 hour after issuance.

​

Usage

You should use the 0xPass JWT to secure the communication between your frontend and backend. For each of these components, you should do the following: