Grindery Nexus Authentication Process
This documentation describes the Grindery Nexus API authentication flow and it is primarily for developers who work on apps that use Nexus platform.
Getting Started
A developer needs authentication to use the Nexus API (read/edit/create/delete workflows, etc): https://github.com/grindery-io/grindery-nexus-client/blob/master/DOCUMENTATION.md
The authentication flow is compliant with OAuth2 standard and requires users to sign an authentication message using their metamask wallets. In a nutshell, the Grindery Nexus Authentication flow is as follows:
Web client compiles challenge message and signature into a “code” string, and sends to Nexus auth server.
Auth URLs
get challenge message
Method: GET
Query props:
Response props:
get access token
Method: POST
Body props:
code - base64 encoded JSON string containing auth message and signature {"message":"xxx", "signature": "xxx"}
Response props:
register auth session
Method: POST
Body props:
refresh_token - Optional. If set will set a long term httpOnly authentication cookie. If not set will clear the cookie.
refresh access token
Method: POST
Body props:
Response props:
Simplifying Development
To simply development, Grindery provides you with an authentication page and a React hook. They are as follows:
Authentication page
A page for user authentication where challenge message fetching and metamask signing is already implemented. The page can be used as an entry point, to get the user's authentication “code” containing a signed challenge message. The “code” can then be exchanged to the “access_token”.
Required query params:
Once authenticated, a user will be redirected to the “redirect_uri”. The “code” string that can be exchanged to access_token will be added as a query param to the redirect url.
React hook
A reusable ReactJS component that handles user authentication state in React app.
Github: https://github.com/grindery-io/use-grindery-nexus
NPM: https://www.npmjs.com/package/use-grindery-nexus
Github: https://github.com/grindery-io/use-grindery-nexus
NPM: https://www.npmjs.com/package/use-grindery-nexus
The hook takes care of the authentication flow and provides: