Most of our APIs require a form of user authentication, for which we have provided several means of obtaining that authentication, any of which can be provided in any order.
Crypto Wallet authentication allows you to have a user sign in with their crypto wallet by performing a signing transaction. Email and SMS OTP will send one-time codes to the method specified.
Once a successful authentication takes place, you will receive a
JWTthat is to be passed into the
Authorizationheader as a
Bearertoken for subsequent requests. When adding a second authentication factor, such as SMS after an Email OTP, you must add the initial
JWTto the headers for the subsequent auth calls to ensure they're authenticated to the same session.
JWTtokens have a lifetime of 5 minutes, and a user session has a lifetime of 10 minutes of inactivity.
JWTnears expiry, we will refresh it in the background and provide you a new
JWTin the following response header:
If you encounter this header, you should begin using the new
Making calls to read (
GET) APIs only require a single form of authentication by a user, whether it be wallet signing, SMS, or Email. However, you will require MFA to make a write call (
PUT, etc.) for things such as adding a wallet or sending a transaction.
Ratio user accounts are accessible across a wide variety of applications. You must implement Account Linking so that existing Ratio users can link your application to their account and bypass onboarding