Authentication

Most of the AccessTime API endpoints are public and do not require authentication. However, some write operations may require an API key or wallet signature verification.

Public Endpoints (No Auth Required)

These endpoints are available to everyone:

• Fetching project metadata.
• Getting subscription details and vote results.
• Retrieving available categories and payment methods.

Private Endpoints (Auth Required)

Some endpoints, such as project owner settings and file uploads, require authentication. The authentication method varies based on the operation:

1. Wallet-Based Authentication

For owner-related actions, authentication is handled via wallet signature verification.

Backend Signature Generation

import { AuthSignature } from "@accesstimeio/accesstime-common";
import { encodeAbiParameters } from "viem";
import { privateKeyToAccount } from "viem/accounts";
 
const account = privateKeyToAccount("0xAccountPrivateKey");
 
const timestamp = BigInt(Math.floor(Date.now() / 1000)); 
 
const authMessage = encodeAbiParameters(AuthSignature.abiParameters, [ 
    timestamp, 
    account.address, 
    AuthSignature.version 
]); 
const authSignature = await account.signTypedData({ 
    domain: AuthSignature.domain, 
    types: AuthSignature.types, 
    primaryType: "Auth", 
    message: { 
        timestamp, 
        caller: account.address, 
        apiVersion: AuthSignature.version 
    }, 
}); 

Frontend Signature Generation

🚧 under construction 🚧

2. API Keys (Future Feature)

For automated interactions, we may introduce API key-based authentication in the future.