Preparing Wallet Authentication

To authenticate via Wallet, you need to first establish a valid wallet connection on the client-facing application, which should be connected to either Sepolia for Testnet or Ethereum for Mainnet, based on your organization's configuration. You can use the API to fetch the supported networks for all eligible networks of your organization. Refer to the section titled "Get Eligible Networks" for more information.

After establishing the wallet connection, the next step is to generate a signature using one of the APIs provided in the "Generate Signature" section. Once the signature is generated, you should use it to sign a message via the expected wallet using one of the eligible networks.

After the signature is approved from the wallet, you should initiate a GraphQL mutation from the wallet callback to the Mojito Backend in order to fetch the JWT token for the wallet connection.

API Protocol

Mojito uses GraphQL as the API protocol for the backend service interactions. To consume the services, you can use the following BASE URIs:

For the development environment: https://api-dev.mojito.xyz/
For the production environment: https://api.mojito.xyz/

Get Eligible Networks

Guidelines: This GraphQL query allows you to fetch the eligible networks configured for your organization. Below are some sample requests and responses for you to refer to.

Query Name: GetSupportedNetworks

Required Variables	Descriptions
orgId	● Mandatory: UUID ● This is a unique client ID for the project you are working on with Mojito. Please obtain this from the Mojito Support Team. ● Note: it is different for development and production environments.
includeTestnets	● Mandatory: Boolean ( true/false ) ● This flag determines whether to pull the eligible testnet networks for your organization or not.

Request Object:

Variables

{
	"orgId": "d4191c0a-8020-4a6a-bdb9-461d92b8c2de",
	"includeTestnets": true
}

Request

query GetSupportedNetworks($orgId: UUID1!, $includeTestnets: Boolean!) {
	getSupportedNetworks(orgId: $orgId, includeTestnets: $includeTestnets) {
	id
	name
	chainID
	isTestnet
	__typename
	}
}

Generate Signature

Guidelines: This GraphQL query allows you to generate a signature, which is the first step for authenticating the wallet from Mojito services. You will need to provide the wallet address and network ID as parameters.

The query will return a signature that needs to be signed by the crypto wallet. The signature is valid for 15 minutes from the time of generation.

Below are some sample requests and responses for you to refer to.

Query Name: getSignatureMessage

Required Variables	Descriptions
orgId	● Mandatory: UUID ● This is a unique client ID for the project you are working on with Mojito. Please obtain this from the Mojito Support Team. ● Note that it is different for development and production environments.
walletAddress	● Mandatory: EVM compatible Wallet Address ● Note that an EVM compatible wallet address is mandatory for this process. Please ensure that the wallet address you provide is compatible with the Ethereum Virtual Machine.
networkID	● Mandatory: UUID ● This is a unique network ID that is available from the "id" response field in the "GetSupportedNetworks" query. ● Please note that it may differ between the development and production environments.

Request Object:

Variables

{
	"orgID": "5a198d09-e243-491f-991a-f79e1cecdcc3",
	"walletAddress": "0xc7e893488a039a341d935959e52f86085976f865",
	"networkID": "b260424b-bb37-4a3e-86d0-0866175e5e68"
}

Request

query GetSignatureMessage(
	$orgID: UUID1!
	$walletAddress: String!
	$networkID: UUID1!
) {
	getSignatureMessage(
	orgID: $orgID
	walletAddress: $walletAddress
	networkID: $networkID
	)
}

Generate JWT Token

Guidelines: This GraphQL mutation allows you to fetch the JWT token using the wallet address that you previously signed the signature with. Please note that the previous signature generated should be valid for 15 minutes only and can only be used with the corresponding generated signatures.

Below are some sample requests and responses for you to refer to.

Query Name: loginWithSignature

Required Variables	Descriptions
orgId	● Mandatory: UUID ● This is a unique client ID for the project you are working on with Mojito. Please obtain this from the Mojito Support Team. ● Note that it is different for development and production environments
signer	● Mandatory: EVM compatible Wallet Address ● Note that an EVM compatible wallet address is mandatory for this process. Please ensure that the wallet address you provide is compatible with the Ethereum Virtual Machine.
chainID	● Mandatory: Int ● This is a unique chain ID that is available from the "chainID" response field in the "GetSupportedNetworks" query. ● Please note that it should be a valid chain ID for the network.
challenge	● Mandatory: String ● This is a message available from the response field of getSignatureMessage Query
signature	● Mandatory: String ● This is a signature signed from a crypto wallet.

Request Object:

Variables

{
	"orgID": "d086ea16-d40d-454c-84a4-64b5e940670a",
	"signer": "0xc7e893488a039a341d935959e52f86085976f865",
	"chainID": 11155111,
	"challenge": "This message is used for signature validation for organization
pace-test and wallet address 0xC7e893488A039A341d935959E52f86085976F865 at
2023-04-26T22:21:49Z",
	"signature":
	"0x9f73f49cc2d77ee8978d07cb6dfa7ec10b0bc4e145ee480b911b46d9f8c66de93e22efbc7601
b9a3fbc40ae3b5050c2f61717d655e08a88fe7febcdc410cc2721b"
}

Request

mutation loginWithSignature(
	$signature: String!
	$challenge: String!
	$signer: String!
	$orgID: UUID1!
	$chainID: Int!
) {
	loginWithSignature(
		orgID: $orgID
		request: {
		signature: $signature
		challenge: $challenge
		signer: $signer
		chainID: $chainID
	}
){
  token
	}
}

Conclusion

This document outlines the steps to perform wallet-based login for all EVM-based crypto wallets. Once you have collected the JWT token as described in this document, you can use it to consume all other backend services provided by Mojito.

For more documentation and references, please reach out to Mojito.

Reading Tip: It’s important to give your opinion! Would you recommend this doc to someone else?