-
Notifications
You must be signed in to change notification settings - Fork 1
Authorization
API calls requiring Pioneer-specific data use Access Tokens obtained via the Pi App Platform SDK's Pi.Authenticate function. Include the token in the Authorization header:
Authorization: Bearer <Pioneer's access token>
Example Code (Python):
const headers = { headers: { authorization: "Bearer " + { PioneerAccessToken } }};
axios.get("https://api.minepi.com/v2/me", headers);The Pi.Authenticate function of the Pi SDK provides an AuthResults object:
AuthResults{
accessToken: string,
user: {
uid: string
}
}Security Note: Use the accessToken from the frontend only for verification with the /me API endpoint. Do not store it long-term for identifying the Pioneer, as it is dynamic.
-
Pass to Backend: Send the
accessTokenfrom your frontend to your server. -
Call
/meEndpoint: Make a request to the Pi API's/meendpoint using the following header format:Authorization: Bearer <Pioneer's access token>Example (Python with Axios):
const PioneerAccessToken = accessToken_Obtained_from_App_Frontend; const header = { headers: { authorization: "Bearer " + PioneerAccessToken }}; axios.get("https://api.minepi.com/v2/me", header);
-
Handle Response:
-
Success (200): The
/meendpoint returns aUserDTOobject containing the verifieduid:Object{ user: { uid: string, username: string } }
-
Error (401): The Access Token is invalid.
-
-
Create Unique Records: The verified
uidfrom the/meendpoint can reliably create unique records in your app's database. -
Personalized Experience: Use the
uidto retrieve stored information like purchases or progress, enabling seamless login-free personalization.
Important: Use the verified uid from the /me endpoint, not the initial uid returned by Pi.Authenticate.
Certain API calls require authorization from your app's server-side for security reasons. To use a Server API Key:
-
Obtain from the Developer Portal: Instructions for generating a Server API Key can be found in the appropriate section of the Developer Portal guide.
-
Include in Authorization Header: Add the key to your API requests in the following format:
Authorization: Key <Your App's Server API Key>
Example Code (Python: Payments Endpoint)
const postingURL = `https://api.minepi.com/v2/payments/${payment_id}`;
const headers = { headers: { authorization: `Key ${APIKEY}` } };
axios.get(postingURL, null, headers); Important Notes
- Secure Storage: Protect your Server API Key. Store it securely on your server and never expose it in client-side code.
- Refer to Developer Portal: The Developer Portal will provide the most up-to-date instructions for API Key management and usage within specific API endpoints.
Enhancements
- Purpose: Add a sentence or two clarifying the types of actions that typically require a Server API Key (e.g., processing payments, accessing sensitive Pioneer data).
- Link to Developer Portal: Provide a direct link to the relevant section of the Developer Portal for easy reference.
- 🏠 Home - Complete developer handbook
- 🆘 Community Support - Get help from Pi developers
- 🔐 Authorization - Authentication & security patterns
- 🔌 API Reference - Complete REST API documentation
- ⚡ SDK Reference - JavaScript SDK comprehensive guide
- 📋 Data Types - Object structures & schemas
- 🌐 Pi Browser Detection - Build hybrid Web2/Web3 apps
- 🔄 Migration Guide - Upgrade to hybrid architecture
- 💻 Code Examples - Production-ready samples & templates
- 🌍 What is PiNet? - Cross-platform app accessibility
- 💳 What is PiWallet? - Pi Network wallet integration
- 💰 Payments Overview - Transaction handling guide
- 💬 Chat Rooms for Apps - Community engagement features
- 🔄 Mainnet vs. Testnet - Environment selection guide
- 📋 Developer Terms - Terms of service
- ⚖️ Social Chain ToS - Platform terms
- 📄 Whitepaper - Pi Network foundations