👨💻REST API
Authentication
Please review the Authentication section for details on using your API keys.
NFT Verification
Before starting verification, we typically want to show some kind of modal or introduction window, which requires metadata about the contract. We provide an endpoint to fetch the collection name, social links and images for this purpose.
Get contract metadata
POST https://dmnd.network/verify/v1/contract/info
This endpoint returns metadata like collection name, social links and images. It's used by the Browser SDK to load data required to show the initial connection modal, and can be used to build your own connection UI.
Headers
Request Body
Before starting verification, the user must connect their wallet. This is handled by client-side code, usually with the API or SDK for the users wallet (e.g Metamask or Phantom).
In order to make sure that users own the address their wallet claims, it needs to be verified. This is done by generating a single-use message (a 'nonce'), which must be signed. Once the users wallet is connected, fetch their address and make a request to the below endpoint to get a new nonce.
Get a new nonce
POST https://dmnd.network/verify/v1/address/nonce
Generates a new nonce message which the user must sign and return to verify ownership.
Headers
Pass the returned nonce to the the users wallet for signing. Once the nonce has been successfully signed, we send the signature to the API for verification, along with the original nonce.
Verify the signature
POST https://dmnd.network/verify/v1/address/verify
This endpoint returns an SHA256 HMAC in the format expiration:SHA256("sk_YOUR_SECRET_KEY" + expiration + ":" + address), where expiration is a UNIX timestamp in seconds.
We use an expiring HMAC by default, however if you're generating a HMAC on your backend you can also generate an eternal version by omitting the expiration and colon, though this is not recommended.
This HMAC can be saved by your client implementation for future use, allowing users to skip the wallet connection and signature on subsequent visits, until the HMAC has expired.
Once you have a HMAC, either from this request or a previous request, you can continue to the actual verification request.
This step is technically optional as the API won't throw an error if a HMAC is not provided. However, result.wallet.verified will be false in verification results, and we do not recommend it unless using on the backend with previously verified addresses.
Unlockables require address verification by default (though this can also be disabled), so requests without a HMAC won't be able to access them.
Verify NFT ownership
POST https://dmnd.network/verify/v1/asset/nft
Yay, you've completed verification!
The response from this endpoint will include the verification result summary (whether they own at least one token, their address etc), along with the full list of tokens from the provided collection with any off-chain metadata.
Managing unlockables
You can use the API to create and manage unlockables.
List unlockables
GET https://dmnd.network/verify/v1/unlockables
Create a new unlockable
POST https://dmnd.network/verify/v1/unlockables
Get an unlockable by ID
GET https://dmnd.network/verify/v1/unlockables/:id
Path Parameters
Update an unlockable
PUT https://dmnd.network/verify/v1/unlockables/:id
Path Parameters
Delete an unlockable
DELETE https://dmnd.network/verify/v1/unlockables/:id
Fetch unlockable content
You may wish to manually create a signed URL to access unlockable content. You can construct this URL on your backend, by creating a JWT as below, and signing it with your app secret key. The below example uses the jsonwebtoken package, however can be adapted to any JWT library:
This endpoint does not support Webhook unlockables
Get unlockable content
GET https://dmnd.network/verify/v1/unlockables/download
Query Parameters
Last updated