Authentication

For app's server to request any data from the Fyre server using APIs, it needs to authentication itself to Fyre backend.

Authentication happens on every single request by sending a digital signature in the request body. The Fyre server verifies the signature before sending data.

In order to generate a signature, the app's server need to sign message (message feld of the request body) using registered app's private key and send the signature in fyresign field of the request body.

Sample code snippet to generate signature in Javascript:

// Require web3 packages
const web3 = require("web3");
const Web3 = new web3();

// generates signature and messageHash
const generateSignature = async (privateKey, message) => {
const { signature, messageHash } = await Web3.eth.accounts.sign(
    JSON.stringify(message),
    privateKey
  );
  return {
    message,
    fyresign: signature,
    messageHash
  };
};
// sample request message 
const message = {
  "appId": "6274a30fc43e35144642a484",
  "externalUserId": "456fhrghtuht374",
  "eventId": "6274b4cde7556226721e620c",
  "isEmail": false,
  "iat": Math.floor(Date.now() / 1000); //in seconds,
  "exp": Math.floor((Date.now() + (3600 * 24 * 1000)) / 1000),  //valid for a day,
  "metaData": {
    "limit": 10, // fetching 10 records 
    "page": 1,
  }
}
const privateKey = "0x5b79b6758d25694e8fef4f769a48f768bf838dd17fec4d9c54bcf7cd3b4a0e1a"; // generated during app's registration on Hyperfyre admin dashboard.
const { message, fyresign, messageHash } = generateSignature(privateKey, message);

In the above code, we used standard web3 package to generate digital signature. There are libraries available in various different languages like JavaScript, Go etc which can used based on requirement.

To sign a message, all you have to do is, use web3.eth.sign() function. The funcation takes two parameters:

• a message: Will contain the request parameters, depending on the need.

• a privateKey: Generated during the app registration phase.

web3.eth.sign() returns three values message, signature and messageHash.

The server need to send all these parameters in the request body of any API call to Fyre backend.

Note:

1. Make sure to send the signature in the fyresign field in the request body.

2. We only accept message in specific format. Read the API documentation to understand the message format.

We learnt how an app's server can produce a digital signature in order to authenticate itself to Fyre server and request data, in the next section we will see what all APIs available and how to call them.