> For the complete documentation index, see [llms.txt](https://docs.gobtcpay.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.gobtcpay.com/api-reference/wallet-api/authentication.md). # Authentication Challenge–response authentication. Request a message to sign with the wallet key, exchange the signature for a JWT pair, and refresh it. ## Get sign-in challenge > Starts the authentication challenge. Returns a one-time \`messageToSign\` and a \`challengeId\` bound to the supplied public key (valid until \`expiresAt\`, \~5 min). Sign \`messageToSign\` verbatim with the corresponding private key using Bitcoin message signing (secp256k1 ECDSA), then exchange it for tokens via \*\*Get access tokens\*\*. ```json {"openapi":"3.1.0","info":{"title":"GoBTC Pay Wallet API","version":"1.45.2"},"tags":[{"name":"Authentication","description":"Challenge–response authentication. Request a message to sign with the wallet key, exchange the signature for a JWT pair, and refresh it."}],"servers":[{"url":"https://api.gobtcpay.com/public/api/v1.1"}],"security":[],"paths":{"/instant/auth/get-data-to-sign":{"post":{"summary":"Get sign-in challenge","description":"Starts the authentication challenge. Returns a one-time `messageToSign` and a `challengeId` bound to the supplied public key (valid until `expiresAt`, ~5 min). Sign `messageToSign` verbatim with the corresponding private key using Bitcoin message signing (secp256k1 ECDSA), then exchange it for tokens via **Get access tokens**.","tags":["Authentication"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"userPubKeyHex":{"type":"string","description":"Public key of the user's Bitcoin wallet to authenticate — compressed secp256k1 key, hex (33 bytes / 66 chars)."}},"required":["userPubKeyHex"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}}},"responses":{"200":{"description":"Successful response","content":{"application/json":{"schema":{"type":"object","properties":{"id":{"type":"string"},"result":{"type":"object","properties":{"$case":{"type":"string","const":"success"},"success":{"type":"object","properties":{"challengeId":{"type":"string","description":"Unique id of this challenge. Pass it back to **Get access tokens** together with your signature."},"messageToSign":{"type":"string","description":"Message to sign verbatim with the wallet private key (Bitcoin message signing, secp256k1)."},"expiresAt":{"type":"integer","minimum":0,"description":"When the challenge expires, Unix timestamp (seconds). Sign and submit before this time (~5 min)."}},"required":["challengeId","messageToSign","expiresAt"],"additionalProperties":false}},"required":["$case","success"],"additionalProperties":false}},"required":["id","result"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}}},"500":{"description":"Error response","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"object","properties":{"statusCode":{"type":"number","description":"Numeric error status code."},"description":{"type":"string","description":"Human-readable description."},"statusMessage":{"type":"string","description":"Short machine-readable error message."}},"required":["statusCode","description","statusMessage"],"additionalProperties":false}},"required":["error"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}}}}}}}} ``` ## Get access tokens > Completes the authentication challenge. Submit the \`challengeId\` from \*\*Get sign-in challenge\*\* together with the hex-encoded 64-byte compact \`signature\` of \`messageToSign\`. Returns a short-lived \`accessToken\` (send it as \`Authorization: Bearer \\`) and a long-lived \`refreshToken\`. ```json {"openapi":"3.1.0","info":{"title":"GoBTC Pay Wallet API","version":"1.45.2"},"tags":[{"name":"Authentication","description":"Challenge–response authentication. Request a message to sign with the wallet key, exchange the signature for a JWT pair, and refresh it."}],"servers":[{"url":"https://api.gobtcpay.com/public/api/v1.1"}],"security":[],"paths":{"/instant/auth/get-jwt":{"post":{"summary":"Get access tokens","description":"Completes the authentication challenge. Submit the `challengeId` from **Get sign-in challenge** together with the hex-encoded 64-byte compact `signature` of `messageToSign`. Returns a short-lived `accessToken` (send it as `Authorization: Bearer `) and a long-lived `refreshToken`.","tags":["Authentication"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"challengeId":{"type":"string","description":"The `challengeId` returned by **Get sign-in challenge** (`/instant/auth/get-data-to-sign`)."},"signature":{"type":"string","description":"Hex-encoded 64-byte compact signature of the `messageToSign` from **Get sign-in challenge**."}},"required":["challengeId","signature"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}}},"responses":{"200":{"description":"Successful response","content":{"application/json":{"schema":{"type":"object","properties":{"id":{"type":"string"},"result":{"type":"object","properties":{"$case":{"type":"string","const":"success"},"success":{"type":"object","properties":{"accessToken":{"type":"string","description":"Short-lived JWT access token. Send it as `Authorization: Bearer ` on authenticated requests."},"refreshToken":{"type":"string","description":"Long-lived JWT refresh token. Use it at **Refresh access tokens** to obtain a new token pair."}},"required":["accessToken","refreshToken"],"additionalProperties":false}},"required":["$case","success"],"additionalProperties":false}},"required":["id","result"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}}},"500":{"description":"Error response","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"object","properties":{"statusCode":{"type":"number","description":"Numeric error status code."},"description":{"type":"string","description":"Human-readable description."},"statusMessage":{"type":"string","description":"Short machine-readable error message."}},"required":["statusCode","description","statusMessage"],"additionalProperties":false}},"required":["error"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}}}}}}}} ``` ## Refresh access tokens > Exchanges a valid refresh token for a fresh \`accessToken\` / \`refreshToken\` pair without repeating the signing challenge. Send the refresh token as \`Authorization: Bearer \\` with an empty body. ```json {"openapi":"3.1.0","info":{"title":"GoBTC Pay Wallet API","version":"1.45.2"},"tags":[{"name":"Authentication","description":"Challenge–response authentication. Request a message to sign with the wallet key, exchange the signature for a JWT pair, and refresh it."}],"servers":[{"url":"https://api.gobtcpay.com/public/api/v1.1"}],"security":[{"walletAuth":[]}],"components":{"securitySchemes":{"walletAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Wallet access token obtained from `/instant/auth/get-jwt` via the signature challenge flow. Send it as `Authorization: Bearer `. Refresh it via `/instant/auth/refresh-jwt` when it expires."}}},"paths":{"/instant/auth/refresh-jwt":{"post":{"summary":"Refresh access tokens","description":"Exchanges a valid refresh token for a fresh `accessToken` / `refreshToken` pair without repeating the signing challenge. Send the refresh token as `Authorization: Bearer ` with an empty body.","tags":["Authentication"],"parameters":[],"responses":{"200":{"description":"Successful response","content":{"application/json":{"schema":{"type":"object","properties":{"id":{"type":"string"},"result":{"type":"object","properties":{"$case":{"type":"string","const":"success"},"success":{"type":"object","properties":{"accessToken":{"type":"string","description":"Short-lived JWT access token. Send it as `Authorization: Bearer ` on authenticated requests."},"refreshToken":{"type":"string","description":"Long-lived JWT refresh token. Use it at **Refresh access tokens** to obtain a new token pair."}},"required":["accessToken","refreshToken"],"additionalProperties":false}},"required":["$case","success"],"additionalProperties":false}},"required":["id","result"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}}},"500":{"description":"Error response","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"object","properties":{"statusCode":{"type":"number","description":"Numeric error status code."},"description":{"type":"string","description":"Human-readable description."},"statusMessage":{"type":"string","description":"Short machine-readable error message."}},"required":["statusCode","description","statusMessage"],"additionalProperties":false}},"required":["error"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}}}}}}}} ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.gobtcpay.com/api-reference/wallet-api/authentication.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.