-
Notifications
You must be signed in to change notification settings - Fork 1
Authorization
API calls requiring Pioneer-specific data use Access Tokens obtained via the Pi App Platform SDK's Pi.Authenticate function. Include the token in the Authorization header:
Authorization: Bearer <Pioneer's access token>
Example Code (Python):
const headers = { headers: { authorization: "Bearer " + { PioneerAccessToken } }};
axios.get("https://api.minepi.com/v2/me", headers);The Pi.Authenticate function of the Pi SDK provides an AuthResults object:
AuthResults{
accessToken: string,
user: {
uid: string
}
}Security Note: Use the accessToken from the frontend only for verification with the /me API endpoint. Do not store it long-term for identifying the Pioneer, as it is dynamic.
-
Pass to Backend: Send the
accessTokenfrom your frontend to your server. -
Call
/meEndpoint: Make a request to the Pi API's/meendpoint using the following header format:Authorization: Bearer <Pioneer's access token>Example (Python with Axios):
const PioneerAccessToken = accessToken_Obtained_from_App_Frontend; const header = { headers: { authorization: "Bearer " + PioneerAccessToken }}; axios.get("https://api.minepi.com/v2/me", header);
-
Handle Response:
-
Success (200): The
/meendpoint returns aUserDTOobject containing the verifieduid:Object{ user: { uid: string, username: string } }
-
Error (401): The Access Token is invalid.
-
-
Create Unique Records: The verified
uidfrom the/meendpoint can reliably create unique records in your app's database. -
Personalized Experience: Use the
uidto retrieve stored information like purchases or progress, enabling seamless login-free personalization.
Important: Use the verified uid from the /me endpoint, not the initial uid returned by Pi.Authenticate.
Certain API calls require authorization from your app's server-side for security reasons. To use a Server API Key:
-
Obtain from the Developer Portal: Instructions for generating a Server API Key can be found in the appropriate section of the Developer Portal guide.
-
Include in Authorization Header: Add the key to your API requests in the following format:
Authorization: Key <Your App's Server API Key>
Example Code (Python: Payments Endpoint)
const postingURL = `https://api.minepi.com/v2/payments/${payment_id}`;
const headers = { headers: { authorization: `Key ${APIKEY}` } };
axios.get(postingURL, null, headers); Important Notes
- Secure Storage: Protect your Server API Key. Store it securely on your server and never expose it in client-side code.
- Refer to Developer Portal: The Developer Portal will provide the most up-to-date instructions for API Key management and usage within specific API endpoints.
Enhancements
- Purpose: Add a sentence or two clarifying the types of actions that typically require a Server API Key (e.g., processing payments, accessing sensitive Pioneer data).
- Link to Developer Portal: Provide a direct link to the relevant section of the Developer Portal for easy reference.
- π Home - Complete developer handbook
- π Community Support - Get help from Pi developers
- π Authorization - Authentication & security patterns
- π API Reference - Complete REST API documentation
- β‘ SDK Reference - JavaScript SDK comprehensive guide
- π Data Types - Object structures & schemas
- π Pi Browser Detection - Build hybrid Web2/Web3 apps
- π Migration Guide - Upgrade to hybrid architecture
- π» Code Examples - Production-ready samples & templates
- π What is PiNet? - Cross-platform app accessibility
- π³ What is PiWallet? - Pi Network wallet integration
- π° Payments Overview - Transaction handling guide
- π¬ Chat Rooms for Apps - Community engagement features
- π Mainnet vs. Testnet - Environment selection guide
- π Developer Terms - Terms of service
- βοΈ Social Chain ToS - Platform terms
- π Whitepaper - Pi Network foundations