# Authentication

{% hint style="info" %}
This is only required for making changes to your Cluster. Querying does not require authentication.
{% endhint %}

1. Get signing message
2. Sign the message with an EVM or Solana wallet
3. Get authentication key with the signature of the signed message
4. Using authenticate key with endpoints that require wallet authentication

***

**Get Signing Message**

<mark style="color:green;">`GET`</mark> `/v1/auth/message`

Get the signing message used for wallet signature authentication

**Example**

```bash
curl -X GET 'https://api.clusters.xyz/v1/auth/message'
```

**Response**

> The message to sign and the corresponding signing date

{% tabs %}
{% tab title="200" %}

```json
{
  "message": "clusters.xyz verification\n\nBefore interacting with certain functionality, we require a wallet signature for verification.\n\n2024-05-14T19:08:27.985Z",
  "signingDate": "2024-05-14T19:08:27.985Z"
}
```

{% endtab %}
{% endtabs %}

***

**Get Authentication Key**

<mark style="color:green;">`POST`</mark> `/v1/auth/token`

Authenticate the ownership of a specific wallet

| Name          | Description                                      |
| ------------- | ------------------------------------------------ |
| `signature`   | Signed message signature                         |
| `signingDate` | Date given by signing message response           |
| `type`        | `evm` or `solana` (wallet type used for signing) |
| `wallet`      | Wallet that signed the message                   |

**Example**

```bash
curl --request POST \
  --url https://api.clusters.xyz/v1/auth/token \
  --header 'Content-Type: application/json' \
  --data '{
  "signature": "abc123",
    "signingDate": "2024-05-14T19:08:27.985Z",
    "type": "evm",
    "wallet": "0x0000000000000000000000000000000000000000"
  }'
```

**Response**

> The auth key used for authenticated responses

{% tabs %}
{% tab title="200" %}

```json
{
  "token": "RmUyNi4yKjEqZjkyOGU3OWNjMmY5NDlkODZmM2I4OWQzNWFjOWIwODQxYjVkMTlmMTY3MzNjYjRjYjdjNmE4MWU3MTE5MzAwNSpkb0hLZ1FURGN1WWhhY2VFeHZxdWh3KnZQdkNhSm02QVk5dEJwZFdVUnNuTTBNVk9vZGNaa1Z4dE5ObENiWjNKWUcxdllXR1J0TkVpdFo4b2ZZNVJ6aW5Qd005OFhkTUtWS2ZscmhtRHJzTnN5cEdaa1E4YWZZMnVTaXpSUjhQdUp3ZFpmNFF3YXZaWGdweDdSbHVfbk1hN3c0WlQ2bktvVGtDSVVJVmVhb3VLUSoxNzQ2ODExMDYyMTU5KjViMzY4YWY3ZTcwZmU3YTI2Mjc1OGRkZmQyMDVlYzU0NzkxYjcwMzZjNzc3YWFlMDJkMmRhYWI3NzMzMzYwOTIqSVhXZnNnU3Z6c0RHdEpYemFqMGw1YzIzdVgyNzV4M3RBSG1jWXZxZ2dUc34y"
}
```

{% endtab %}
{% endtabs %}

***

**Validate Authentication Token**

<mark style="color:green;">`GET`</mark> `/v1/auth/validate`

Authenticate if a authentication key is valid or not

<table><thead><tr><th width="380.63671875">Name</th><th>Description</th></tr></thead><tbody><tr><td>HEADER <code>Authorization: Bearer {AUTHKEY}</code></td><td>Authentication key</td></tr></tbody></table>

**Example**

```bash
curl --request GET
--url https://api.clusters.xyz/v1/auth/validate
--header 'Authorization: Bearer eyJzaWduYXR1cmUiOiJhYmMxMjMiLCJzaWduaW5nRGF0ZSI6IjIwMjQtMDUtMTRUMTk6MDg6MjcuOTg1WiIsInR5cGUiOiJldm0iLCJ3YWxsZXQiOiIweDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAifQ=='
```

**Response**

> The auth key used for authenticated responses

{% tabs %}
{% tab title="200" %}

```json
{
  "signature": "abc123",
  "signingDate": "2024-05-14T19:08:27.985Z",
  "type": "evm",
  "wallet": "0x0000000000000000000000000000000000000000",
  "isValid": false
}
```

{% endtab %}
{% endtabs %}