Added auth enpoints from provider README. (#1155)

* Added auth enpoints from provider README. * Removed bytes format. * Replace with placeholder values. * Added ref to networks.
2022-12-21 06:36:51 -08:00 · 2022-12-21 06:36:51 -08:00 · 056a0dd8b2
parent 4c70542f5c
commit 056a0dd8b2
1 changed files with 79 additions and 1 deletions
--- a/api-references/provider-rest-api.md
+++ b/api-references/provider-rest-api.md
@ -4,6 +4,9 @@

 This document specifies the endpoints for Ocean Provider to be implemented by the core developers.

+If you want to see the provider URLs for our supported networks, kindly
+check for `Provider` component on
+this [page](https://docs.oceanprotocol.com/core-concepts/networks).
 ### nonce endpoint

 #### GET /api/services/nonce
@ -194,7 +197,7 @@ Response:
        "r": "0xabc123...",
        "s": "0xabc123...",
        "validUntil": 123456,
-    }
+    },
    "computeAddress": "0x8123jdf8sdsa..."
 }
 ```
@ -550,3 +553,78 @@ Response:
    ...
 ]
 ```
+
+### Authentication endpoints
+
+Provider offers an alternative to signing each request, by allowing users to generate auth tokens.
+The generated auth token can be used until its expiration in all supported requests.
+Simply omit the signature parameter and add the AuthToken request header based on a created token.
+
+Please note that if a signature parameter exists, it will take precedence over the AuthToken headers.
+All routes that support a signature parameter support the replacement, with the exception of auth-related ones
+(createAuthToken and deleteAuthToken need to be signed).
+
+#### GET /api/services/createAuthToken
+
+Allows the user to create an auth token.
+
+Parameters
+
+```
+address: String object containing consumer's address (optional)
+nonce: Integer, Nonce (required)
+signature: String object containg user signature (signed message)
+ The signature is based on hashing the following parameters:
+   address + nonce
+expiration: valid future UTC timestamp (required)
+```
+
+Returns:
+Created auth token.
+
+Example:
+
+```
+GET /api/services/createAuthToken?address=<your_address>&&nonce=<your_nonce>&&expiration=<expiration>&signature=<your_signature>
+```
+Inside the angular brackets, the user should provide the valid values for the request.
+
+Response:
+
+```
+{"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NjAwNTMxMjksImFkZHJlc3MiOiIweEE3OGRlYjJGYTc5NDYzOTQ1QzI0Nzk5MTA3NUUyYTBlOThCYTdBMDkifQ.QaRqYeSYxZpnFayzPmUkj8TORHHJ_vRY-GL88ZBFM0o"}
+```
+
+
+#### DELETE /api/services/deleteAuthToken
+
+Allows the user to delete an existing auth token before it naturally expires.
+
+Parameters
+
+```
+address: String object containing consumer's address (optional)
+nonce: Integer, Nonce (required)
+signature: String object containg user signature (signed message)
+  The signature is based on hashing the following parameters:
+  address + nonce
+token: token to be expired
+```
+
+Returns:
+Success message if token is successfully deleted.
+If the token is not found or already expired, returns an error message.
+
+Example:
+
+```
+DELETE /api/services/deleteAuthToken?address=<your_address>&&nonce=<your_nonce>&&token=<your_token>&signature=<your_signature>
+```
+Inside the angular brackets, the user should provide the valid values for the request.
+
+Response:
+
+```
+{"success": "Token has been deactivated."}
+```
+