This documentation describes the Grindery Nexus API authentication flow and it is primarily for developers who work on apps that use Nexus platform.


A developer needs authentication to use the Nexus API (read/edit/create/delete workflows, etc): 

https://github.com/grindery-io/grindery-nexus-client/blob/master/DOCUMENTATION.md

The authentication flow is compliant with OAuth2 standard and requires users to sign an authentication message using their metamask wallets. In a nutshell, the 

Web client gets user wallet address using metamask.


Web client sends user wallet address to the Nexus auth server, and receives  a challenge message.


User signs the message using the metamask extension.


Web client compiles challenge message and signature into a “code” string, and sends to Nexus auth server.


Nexus auth server returns access token that can be used to access the Nexus API.


https://orchestrator.grindery.org/oauth/session

address - EVM wallet address of the user


message - string, that should be signed by user using MetaMask


https://orchestrator.grindery.org/oauth/token

code - base64 encoded JSON string containing auth message and signature {"message":"xxx", "signature": "xxx"}


https://orchestrator.grindery.org/oauth/session-register

refresh_token - Optional. If set will set a long term httpOnly authentication cookie. If not set will clear the cookie.


refresh_token - refresh_token returned in the access token request.


To simply development, Grindery provides you with an authentication page and a React hook. They are as follows:


A page for user authentication where challenge message fetching and metamask signing is already implemented. The page can be used as an entry point, to get the user's authentication “code” containing a signed challenge message. The “code” can then be exchanged to the “access_token”.


https://orchestrator.grindery.org/oauth/authorize

Once authenticated, a user will be redirected to the “redirect_uri”. The “code” string that can be exchanged to access_token will be added as a query param to the redirect url.


A reusable ReactJS component that handles user authentication state in React app.Github: 

https://github.com/grindery-io/use-grindery-nexus

https://www.npmjs.com/package/use-grindery-nexus

The hook takes care of the authentication flow and provides:


“connect” method, to initiate auth process.


“disconnect” method, to stop user session.


“user” property that contains user ID


“token” object that contains access token, refresh token (basically it contains the response of “get access token endpoint”)


“address” property that contains user’s wallet address

Grindery Nexus Authentication Process

grindery

Business

Welcome

Courses

Miscellaneous

Funding and Grants

Grindery Planning Sessions: August 2022

Onboarding

gWork

Developers

Review

Partners

Active Topics

Grindery Nexus Feedback 2.0

Grindery Nexus Feedback

Demo Day Priority

Nexus Review 3

Grindery: A Simple Plan

Team

External Document List

Snapshot App development

Grindery Sanity Check

Developing Web3 Connectors

Grindery Payment Rails

Grindery Payment Rails - Celer

Demo Day Connectors

Roadmap

Grindery Grant Program (WEB)

Grindery Infinite Fundrising (9-6-2022) - current

Grindery Infinite Fundraising

Harmony DAO

The Graph

Storage

Snapshot-XMTP-Grindery