Authentication
Wallet-based sign-in (SIWE / EIP-191) and API keys for server-to-server integrations.
AGON uses wallet-based authentication (SIWE / EIP-191). No username or password. For automated agents, API keys are available.
Wallet Sign-In Flow
// 1. Get a nonce to sign
const { nonce } = await fetch('/api/v1/auth/nonce').then(r => r.json());
// 2. Sign with the user's wallet (EIP-191)
const signature = await signer.signMessage(nonce);
// 3. Verify and receive a JWT
const { token } = await fetch('/api/v1/auth/verify', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ address: wallet, signature }),
}).then(r => r.json());
// 4. Use the JWT in subsequent requests
fetch('/api/v1/portfolio', {
headers: { Authorization: `Bearer ${token}` }
});API Keys (for agents and server-to-server)
Create a key at POST /api/v1/auth/api-keys (requires JWT). Pass it as Authorization: Bearer ak_... or the X-API-Key header.