Authentication

This API uses two authentication methods:

Signed Fetch (Primary)

Most endpoints use Signed Fetch authentication (ADR-44), which cryptographically signs requests using the user's Ethereum wallet. This ensures that requests are genuinely from the wallet owner without requiring traditional API keys.

Header: Authorization: <signed-fetch-token>
Required for: All user-facing endpoints
Optional on: Public read endpoints (returns additional data when authenticated)
Security: Prevents scene-based requests for additional security

Bearer Token (Admin)

Administrative endpoints use Bearer token authentication for system-level operations.

Header: Authorization: Bearer <API_ADMIN_TOKEN>
Required for: Admin and moderation endpoints
Used by: Backend services and authorized administrators

Key Concepts

Community Privacy

Public: Anyone can view and join
Private: Requires invitation or approval to join

Community Visibility

All (listed): Appears in public community listings
Unlisted: Only accessible via direct link, not shown in listings

Community Roles

owner: Full control over the community
moderator: Can manage members, posts, and settings
member: Regular community member
none: Not a member of the community

Request Types

invite: An invitation sent to a user to join a community
request_to_join: A request from a user to join a private community

PreviousOverview NextCommunities

Last updated 7 days ago

hashtagSigned Fetch (Primary)

hashtagBearer Token (Admin)

hashtagKey Concepts

hashtagCommunity Privacy

hashtagCommunity Visibility

hashtagCommunity Roles

hashtagRequest Types