POST
/auth/nonce
Issue a single-use nonce for wallet-signature recovery
Description
Step 1 of the recovery flow. Returns a fresh, single-use nonce with a 5-minute TTL. Sign `Sign in to really.com SMS\nNonce: <nonce>` with the wallet that owns the subscription, then POST the signature to `/auth`. Public — no bearer required.
Authentication
None. Public endpoint, no auth required.
Code samples
Pick your runtime. Every sample is in the page source — switching tabs is for your eyes.
curl https://agentnumber.really.com/auth/nonce \
--request POST \
--header 'content-type: application/json' \
--data '{
"address": "0x0000000000000000000000000000000000000000"
}'interface AuthNonceResponse {
nonce: string;
expires_in: number;
}
const response = await fetch('https://agentnumber.really.com/auth/nonce', {
method: 'POST',
headers: {
'content-type': 'application/json'
},
body: JSON.stringify({
address: '0x0000000000000000000000000000000000000000'
})
});
if (!response.ok) {
throw new Error(`issue a single-use nonce for wallet-signature recovery failed: ${response.status}`);
}
const data = (await response.json()) as AuthNonceResponse;
requests.post(
"https://agentnumber.really.com/auth/nonce",
headers={
"content-type": "application/json"
},
json={
"address": "0x0000000000000000000000000000000000000000"
}
)package main
import (
"fmt"
"io"
"net/http"
"strings"
)
func main() {
requestUrl := "https://agentnumber.really.com/auth/nonce"
payload := strings.NewReader(`{
"address": "0x0000000000000000000000000000000000000000"
}`)
req, _ := http.NewRequest("POST", requestUrl, payload)
req.Header.Add("content-type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}fetch('https://agentnumber.really.com/auth/nonce', {
method: 'POST',
headers: {
'content-type': 'application/json'
},
body: JSON.stringify({
address: '0x0000000000000000000000000000000000000000'
})
})import { request } from 'undici'
const { statusCode, body } = await request('https://agentnumber.really.com/auth/nonce', {
method: 'POST',
headers: {
'content-type': 'application/json'
},
body: JSON.stringify({
address: '0x0000000000000000000000000000000000000000'
})
})require 'uri'
require 'net/http'
url = URI("https://agentnumber.really.com/auth/nonce")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["content-type"] = 'application/json'
request.body = <<~JSON
{
"address": "0x0000000000000000000000000000000000000000"
}
JSON
response = http.request(request)
puts response.read_bodyimport Foundation
var request = URLRequest(url: URL(string: "https://agentnumber.really.com/auth/nonce")!)
request.httpMethod = "POST"
request.setValue("application/json", forHTTPHeaderField: "content-type")
let jsonBody = #"""
{
"address": "0x0000000000000000000000000000000000000000"
}
"""#
request.httpBody = jsonBody.data(using: .utf8)
let (data, response) = try await URLSession.shared.data(for: request)
guard let httpResponse = response as? HTTPURLResponse,
200..<300 ~= httpResponse.statusCode else {
throw URLError(.badServerResponse)
}
print(String(data: data, encoding: .utf8) ?? "")val client = OkHttpClient()
val mediaType = MediaType.parse("application/json")
val body = RequestBody.create(mediaType, "{\n \"address\": \"0x0000000000000000000000000000000000000000\"\n}")
val request = Request.Builder()
.url("https://agentnumber.really.com/auth/nonce")
.post(body)
.addHeader("content-type", "application/json")
.build()
val response = client.newCall(request).execute()POST /auth/nonce HTTP/1.1
Host: agentnumber.really.com
content-type: application/json
Content-Type: application/json
{
"address": "0x0000000000000000000000000000000000000000"
}HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://agentnumber.really.com/auth/nonce"))
.header("content-type", "application/json")
.method("POST", HttpRequest.BodyPublishers.ofString("{\n \"address\": \"0x0000000000000000000000000000000000000000\"\n}"))
.build();
HttpResponse<String> response = HttpClient.newHttpClient().send(request, HttpResponse.BodyHandlers.ofString());
System.out.println(response.body());#import <Foundation/Foundation.h>
NSDictionary *headers = @{ @"content-type": @"application/json" };
NSDictionary *parameters = @{ @"address": @"0x0000000000000000000000000000000000000000" };
NSData *postData = [NSJSONSerialization dataWithJSONObject:parameters options:0 error:nil];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://agentnumber.really.com/auth/nonce"]
cachePolicy:NSURLRequestUseProtocolCachePolicy
timeoutInterval:10.0];
[request setHTTPMethod:@"POST"];
[request setAllHTTPHeaderFields:headers];
[request setHTTPBody:postData];
NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
if (error) {
NSLog(@"%@", error);
} else {
NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
NSLog(@"%@", httpResponse);
}
}];
[dataTask resume];using var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "https://agentnumber.really.com/auth/nonce");
request.Content = new StringContent(
"""
{
"address": "0x0000000000000000000000000000000000000000"
}
""",
System.Text.Encoding.UTF8, "application/json");
using var response = await client.SendAsync(request);#include <curl/curl.h>
int main(void) {
curl_global_init(CURL_GLOBAL_DEFAULT);
CURL *curl = curl_easy_init();
if (!curl) {
curl_global_cleanup();
return 1;
}
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://agentnumber.really.com/auth/nonce");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, "{\n \"address\": \"0x0000000000000000000000000000000000000000\"\n}");
CURLcode res = curl_easy_perform(curl);
curl_easy_cleanup(curl);
curl_slist_free_all(headers);
curl_global_cleanup();
return (int)res;
}import 'package:http/http.dart' as http;
void main() async {
final headers = <String,String>{
'content-type': 'application/json',
};
final body = r'{
"address": "0x0000000000000000000000000000000000000000"
}';
final response = await http.post(Uri.parse('https://agentnumber.really.com/auth/nonce'), headers: headers, body: body);
print(response.body);
}let client = reqwest::Client::new();
let request = client
.post("https://agentnumber.really.com/auth/nonce")
.header("content-type", "application/json")
.json(&serde_json::json!({
"address": "0x0000000000000000000000000000000000000000"
}));
let response = request.send().await?;$ch = curl_init("https://agentnumber.really.com/auth/nonce");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['content-type: application/json']);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([
'address' => '0x0000000000000000000000000000000000000000'
]));
curl_exec($ch);
curl_close($ch);Request body
| Field | Type | Description |
|---|---|---|
address |
string |
Optional. The wallet you intend to authenticate as. Server may use it to scope rate limits but does not require it. Example: 0x0000000000000000000000000000000000000000 |
Example body
{
"address": "0x0000000000000000000000000000000000000000"
}
Responses
200 Nonce issued.
{
"nonce": "n_abcdef0123456789abcdef0123456789",
"expires_in": 300
}