POST /api/auth/challenge

Request a nonce for wallet-based authentication. The nonce is stored server-side with a 5-minute TTL.

Request

POST /api/auth/challenge
Content-Type: application/json

Authentication: None

Body

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| wallet | string | Yes | Solana wallet address (base58, 32-44 characters) |

Example

curl -X POST https://api-blowfish.neuko.ai/api/auth/challenge \
  -H "Content-Type: application/json" \
  -d '{"wallet": "7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAsU"}'

Response

200 OK

{
  "nonce": "base64-encoded-32-random-bytes"
}

Errors

| Status | Error | Cause |
| --- | --- | --- |
| 400 | wallet is required | Missing or non-string wallet field |
| 400 | Invalid wallet address format | Address fails Solana PublicKey validation |
| 500 | Internal server error | Unexpected server error |

Notes

  • Each wallet can only have one active nonce at a time. Requesting a new challenge overwrites any previous nonce for that wallet.

  • The nonce expires after 5 minutes. If not used within that window, request a new one.

  • Next step: sign the nonce and submit to POST /api/auth/verify.
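
The nonce lifecycle in these notes (32 random bytes, one active nonce per wallet, 5-minute TTL), modelled as an added example; this is not the service's own code. `ChallengeStore`, `isValidWallet`, `take`, the returned object shape, the in-memory `Map`, and single-use consumption at the verify step are assumptions made for illustration.

```javascript
// Added example: in-memory model of the nonce lifecycle described above.
const { randomBytes } = require('node:crypto');

const NONCE_TTL_MS = 5 * 60 * 1000; // 5-minute TTL stated on the page
const B58 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';

// Assumed stand-in for Solana PublicKey validation: base58 text of
// 32-44 characters that decodes to exactly 32 bytes.
function isValidWallet(wallet) {
  if (typeof wallet !== 'string' || wallet.length < 32 || wallet.length > 44) return false;
  let n = 0n;
  for (const ch of wallet) {
    const digit = B58.indexOf(ch);
    if (digit < 0) return false; // character outside the base58 alphabet
    n = n * 58n + BigInt(digit);
  }
  const leadingZeroBytes = wallet.match(/^1*/)[0].length; // each leading '1' is a 0x00 byte
  const hex = n === 0n ? '' : n.toString(16);
  return leadingZeroBytes + Math.ceil(hex.length / 2) === 32;
}

class ChallengeStore {
  // `now` is injectable so expiry can be exercised without waiting.
  constructor(now = Date.now) { this.now = now; this.byWallet = new Map(); }

  // Models POST /api/auth/challenge (the return shape is hypothetical).
  issue(wallet) {
    if (typeof wallet !== 'string') return { status: 400, error: 'wallet is required' };
    if (!isValidWallet(wallet)) return { status: 400, error: 'Invalid wallet address format' };
    const nonce = randomBytes(32).toString('base64');
    // Map.set overwrites, so a wallet never has more than one active nonce.
    this.byWallet.set(wallet, { nonce, expiresAt: this.now() + NONCE_TTL_MS });
    return { status: 200, nonce };
  }

  // Hypothetical lookup for the verify step: returns the live nonce or null.
  take(wallet) {
    const entry = this.byWallet.get(wallet);
    if (!entry) return null;
    this.byWallet.delete(wallet); // assumption: a nonce is usable only once
    return this.now() < entry.expiresAt ? entry.nonce : null;
  }
}
```

A verify handler built on this would check the wallet's signature against the value returned by `take`, so a signature over an overwritten or expired nonce has nothing to match.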
