👨💻REST API
Authentication
Please review the Authentication section for details on using your API keys.
🛡️AuthenticationNFT Verification
Before starting verification, we typically want to show some kind of modal or introduction window, which requires metadata about the contract. We provide an endpoint to fetch the collection name, social links and images for this purpose.
Get contract metadata
POST
https://dmnd.network/verify/v1/contract/info
This endpoint returns metadata like collection name, social links and images. It's used by the Browser SDK to load data required to show the initial connection modal, and can be used to build your own connection UI.
Headers
X-API-KEY*
String
Your public API key if used on the frontend, or secret key for backend use
Request Body
chain*
Enum
ETH
, MATIC
or SOL
network*
Enum
Ethereum: mainnet
, testnet-ropsten
, testnet-rinkeby
Polygon: mainnet
, testnet-mumbai
Solana: mainnet
, testnet
, devnet
contract*
String
Contract address or Candy Machine ID
marketplace.name
Enum
OPENSEA
, LOOKS_RARE
, MAGIC_EDEN
or SOLANART
marketplace.slug
String
Marketplace slug, required for Solana
externalImages.avatarImage
String
Absolute URL to avatar image to override marketplace metadata. Automatically resized to 1:1 at 160px square
externalImages.bannerImage
String
Absolute URL to banner image to override marketplace metadata. Automatically resized to 3:1 at 256px height
Before starting verification, the user must connect their wallet. This is handled by client-side code, usually with the API or SDK for the users wallet (e.g Metamask or Phantom).
In order to make sure that users own the address their wallet claims, it needs to be verified. This is done by generating a single-use message (a 'nonce'), which must be signed. Once the users wallet is connected, fetch their address and make a request to the below endpoint to get a new nonce.
Get a new nonce
POST
https://dmnd.network/verify/v1/address/nonce
Generates a new nonce message which the user must sign and return to verify ownership.
Headers
X-API-KEY*
String
Your public API key
Pass the returned nonce to the the users wallet for signing. Once the nonce has been successfully signed, we send the signature to the API for verification, along with the original nonce.
Verify the signature
POST
https://dmnd.network/verify/v1/address/verify
This endpoint returns an SHA256 HMAC in the format expiration:SHA256("sk_YOUR_SECRET_KEY" + expiration + ":" + address)
, where expiration is a UNIX timestamp in seconds.
We use an expiring HMAC by default, however if you're generating a HMAC on your backend you can also generate an eternal version by omitting the expiration and colon, though this is not recommended.
This HMAC can be saved by your client implementation for future use, allowing users to skip the wallet connection and signature on subsequent visits, until the HMAC has expired.
Once you have a HMAC, either from this request or a previous request, you can continue to the actual verification request.
This step is technically optional as the API won't throw an error if a HMAC is not provided. However, result.wallet.verified
will be false in verification results, and we do not recommend it unless using on the backend with previously verified addresses.
Unlockables require address verification by default (though this can also be disabled), so requests without a HMAC won't be able to access them.
Verify NFT ownership
POST
https://dmnd.network/verify/v1/asset/nft
Yay, you've completed verification!
The response from this endpoint will include the verification result summary (whether they own at least one token, their address etc), along with the full list of tokens from the provided collection with any off-chain metadata.
Managing unlockables
You can use the API to create and manage unlockables.
List unlockables
GET
https://dmnd.network/verify/v1/unlockables
Create a new unlockable
POST
https://dmnd.network/verify/v1/unlockables
Get an unlockable by ID
GET
https://dmnd.network/verify/v1/unlockables/:id
Path Parameters
*
String
Unlockable ID
Update an unlockable
PUT
https://dmnd.network/verify/v1/unlockables/:id
Path Parameters
*
String
Unlockable ID
Delete an unlockable
DELETE
https://dmnd.network/verify/v1/unlockables/:id
Fetch unlockable content
You may wish to manually create a signed URL to access unlockable content. You can construct this URL on your backend, by creating a JWT as below, and signing it with your app secret key. The below example uses the jsonwebtoken
package, however can be adapted to any JWT library:
This endpoint does not support Webhook unlockables
Get unlockable content
GET
https://dmnd.network/verify/v1/unlockables/download
Query Parameters
token*
String
JWT for unlockable
appId*
String
ID of your app
Last updated