Endpoints
List of DeSo Identity Window API endpoints
This section describes all endpoints for the Window API.
Endpoints are called with URL parameters, some of which are optional. After the user completes the flow within the window, Identity will send a postMessage response.
log-in
This endpoint is used to handle user login or account creation.
Request
URL Parameters
accessLevelRequest (optional)
int
testnet (optional)
bool
Whether we're on testnet or mainnet. Default is false
webview (optional)
bool
Whether we're using webview. Default is false
jumio (optional)
bool
Whether to show "get free deso" during signup. Default is false
referralCode (optional)
string
hideGoogle (optional)
bool
Hide Google login from the Identity UI. Default is false
accessLevelRequest can take values from {0, 2, 3, 4}. You should only ask for the lowest permission that fits the requirements of your application.
Here's what each level means:
Response
For a log in or sign up action, the selected publicKey will be included in publicKeyAdded.
When a user signs up the signedUp field will be set to true, otherwise it'll be false for log in.
An application should store the current publicKeyAdded and users objects in its local storage.
You should always overwrite the existing, saved users.
When an application wants to sign a transaction or decrypt a message, the accessLevel, accessLevelHmac, and encryptedSeedHex values will be required.
logout
Logout is used to reset the accessLevel of an individual user. You should handle user logout by calling this endpoint.
When you logout a user, you should delete the corresponding userCredentials entry form the local storage/database.
Request
URL Parameters
publicKey
string
Public key of the user that is logging out
testnet (optional)
bool
Whether we're on testnet or mainnet. Default is false
webview (optional)
bool
Whether we're using webview. Default is false
Response
approve
The approve endpoint is used for transaction signing.
For example, if you requested accessLevel=3 and want to sign a BasicTransfer transaction (constructed via api/v0/send-desoBackend API), you would need to use the approve endpoint because BasicTransfer requires accessLevel=4.
If the transaction you want to sign is within the scope of the accessLevel you have, you should sign it through the Identity: iFrame API.
Request
URL Parameters
tx
string
Transaction hex of the transaction to sign
testnet (optional)
bool
Whether we're on testnet or mainnet. Default is false
webview (optional)
bool
Whether we're using webview. Default is false
Response
derive
The derive endpoint is used to generate a derived key for a user.
When you hold a derived key, you can sign transactions for a user without having to interact with the DeSo Identity Service.
After the Transaction Spending Limits fork height hits, derived keys will require authorization of transaction spending limits, which provides granular permissions on transaction type and even more granular permissions on NFTs, Creator Coins, and DAO Coins.
Request
URL Parameters
callback (optional)
string
testnet (optional)
bool
Whether we're on testnet or mainnet. Default is false
webview (optional)
bool
Whether we're using webview. Default is false
TransactionSpendingLimit
string
PublicKey
String
Public key (in base 58) for which you want to generate a derived key (Optional)
DerivedPublicKey
String
Derived key (in base 58) that you want to use instead of allowing identity to generate a new one (Optional)
Response
Assuming, we've passed callback=auth://derive, the payload will be sent as a GET request like this:
get-shared-secrets
This endpoint is intended to be used in combination with derived keys.
It allows you to get message encryption/decryption keys, or shared secrets, so that you can read messages without querying Identity (as is traditionally done via Identity: iFrame API).
The get-shared-secrets endpoint requires a callback as well as other URL parameters that are used to verify ownership of the derived key.
The get-shared-secrets endpoint allows to fetch multiple shared secrets at once.
For example, if the owner of the derived key was public key A, and we wanted to read conversations between parties B,C,D (or more) we would set ownerPublicKey=A and messagePublicKeys=B,C,D .
Request
URL Parameters
callback
string
ownerPublicKey
string
Master public key that was used to get the derived key
derivedPublicKey
string
Derived public key
JWT
string
JWT signed by the derived key, it's passed as derivedJwt in /derive
messagePublicKeys
Public keys of users for which we want to fetch shared secrets.
testnet (optional)
bool
Whether we're on testnet or mainnet. Default is false
Response
get-free-deso
The get-free-deso endpoint allows for launching the Jumio KYC flow, and if completed successfully, it will end up sending your users free starter DeSo or their referral bonus.
Request
URL Parameters
public_key
string
Public key of the user to be KYC verified
referralCode (optional)
string
Referral code to be used in Jumio
testnet (optional)
bool
Whether we're on testnet or mainnet. Default is false
Response
The signedUp boolean variable determines if the user has logged in or signed up, and jumioSuccess indicates if the Jumio KYC was successful.
verify-phone-number
The verify-phone-number endpoint will give the user some starter DeSo after a successful phone verification.
Request
URL Parameters
public_key
string
Public key of the user to be phone verified
testnet (optional)
bool
Whether we're on testnet or mainnet. Default is false
Response
The signedUp boolean variable determines if the user has logged in or signed up, and phoneNumberSuccess indicates if the phone verification was successful.
Last updated
Was this helpful?