# Signed Fetch

When protocol clients what to make authenticated HTTPs requests, they can leverage the standard *signed fetch* mechanism.

A signed fetch is request that includes an [authentication chain](/contributor/authentication/authchain.md), represented through headers. Servers with Decentraland-compatible APIs can validate identities before, for example, [allowing requests from scenes](https://github.com/decentraland/docs/blob/main/runtime/modules/signed_fetch.md) or creating [adapters](https://github.com/decentraland/docs/blob/main/comms/overview.md).

## Headers

The information the server needs to validate the authentication chain is relayed in 3+ headers:

* `X-Identity-Timestamp`: the `timestamp` field included in the signed payload (see below).
* `X-Identity-Metadata`: the `metadata` field included in the signed payload (see below).
* `X-Identity-AuthChain-<index>`: the [JSON-serialized authentication step](/contributor/authentication/authchain.md#constructing) `<index>`, starting from `0`.

The transmitted chain is validated by the server [as specified](/contributor/authentication/authchain.md).

## Body

The request body is unspecified. Services have full flexibility to use any protocols or formats they like.

## Payload

The authentication chain [payload](/contributor/authentication/authchain.md#constructing) for a signed fetch is a **lower-case, colon-separated** string that includes some of the request elements:

```
<method>:<path>:<timestamp>:<metadata>
```

The `method` and `path` fields must match those of the request, and `timestamp` is the same as in the `X-Identity-Timestamp` header.

The last field, `metadata`, can have arbitrary content.

For example:

```
get:/some/path:1682790056:{"some":"custom json"}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.decentraland.org/contributor/authentication/signed-fetch.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.