HiveAuth
HomeGitHub
  • Introduction
    • Authentication
    • Signing and Broadcasting Transactions
    • Why use Hive Authentication Services?
  • Support
  • Developer documentation
    • Protocol description
      • Authentication
      • Transactions
      • Challenge
    • HAS for Applications
      • Connection
      • Encryption key (auth_key)
      • Authentication
        • Authentication request
        • Authentication payload
        • Authentication approval
        • Authentication refusal
        • Errors
        • Expiration
      • Transactions
        • Transaction request
        • Feedback to user
        • Transaction approval
        • Transaction refusal
        • Errors
        • Expiration
      • Challenge
        • Challenge request
        • Feedback to user
        • Challenge approval
        • Challenge refusal
        • Errors
        • Expiration
      • Attach
  • HAS for Wallets (PKSA)
    • Connection
    • Server Encryption Key retrieval
    • Proof of Key
    • Account registration
    • Authentication
      • Authentication payload
      • Authentications request
      • Feedback to user
      • Authentication approval
      • Authentication refusal
      • Errors
    • Transactions
      • Transaction request
      • Feedback to user
      • Transaction approval
      • Transaction refusal
      • Errors
    • Challenge
      • Challenge request
      • Feedback to user
      • Challenge approval
      • Challenge refusal
      • Errors
  • Tutorials
    • App code example
      • HAS Wrapper library
      • HTML code example
      • .NET code example
    • PKSA code example
      • Service Mode
  • Resources
    • Materials
Powered by GitBook
On this page
  • challenge_req
  • challenge_req_data
  1. HAS for Wallets (PKSA)
  2. Challenge

Challenge request

When an APP request the PKSA to sign a challenge, it will receive the following message:

challenge_req

{
    cmd: "challenge_req"
    account: string
    data: string
    uuid: string
    expire: number
    token: the authentication token - DEPRECATED since protocol v1
}
  • account: the Hive account name

  • data: the Base64 representation of an encrypted challenge_req_data object

  • uuid {string} the transaction request identifier

  • expire {Number} UNIX time when the request will expire

  • token: the authentication token - Deprecated since protocol v1

The PKSA must decrypt the challenge_req_data object using the encryption key previously shared with the APP (auth_key)

The structure of the challenge_req_data is:

challenge_req_data

{
    key_type: string,
    challenge: string,
    decrypt: boolean = false // protocol >= 1
    nonce: number
}
  • key_type: the key type required to sign the transactions. It can be one of posting|active|memo.

  • challenge: a string to be signed

  • decrypt: (optional - default value is false) indicates if the passed challenge must be encrypted (decrypt=false) or decrypted (decrypt=true) before being returned by the PKSA

  • nonce: UNIX time of the request

PreviousChallengeNextFeedback to user

Last updated 1 year ago