All API endpoints require authentication via JWT tokens.
Authentication Methods
CreditNexus supports two authentication methods:
- Traditional Login: Email and password
- Wallet Authentication: MetaMask wallet signature
JWT Tokens
After successful authentication, you receive:
- Access Token: Short-lived token for API requests
- Refresh Token: Long-lived token for token renewal
Using Access Tokens
Include the access token in the Authorization header:
Authorization: Bearer YOUR_ACCESS_TOKEN
Token Refresh
When the access token expires, use the refresh token:
POST /api/auth/refresh
Content-Type: application/json

{
  "refresh_token": "your_refresh_token"
}
Wallet Authentication
For wallet-based authentication:
POST /api/auth/wallet
Content-Type: application/json

{
  "wallet_address": "0x...",
  "signature": "0x...",
  "message": "signed_message"
}
The signature is cryptographically verified before authentication.