Skip to content

Authentication

Grapevine uses wallet-based authentication for creating and managing your data feeds.

Using the SDK (Recommended)

The SDK handles authentication automatically:

import { GrapevineClient } from '@pinata/grapevine-sdk';
 
const grapevine = new GrapevineClient({
  network: 'testnet',
  privateKey: process.env.PRIVATE_KEY
});
 
// Authentication handled automatically
const feed = await grapevine.feeds.create({
  name: 'My Data Feed'
});

Manual Authentication

For direct API calls, you'll need to authenticate manually:

1. Get a nonce and sign it

// Request nonce
const nonceRes = await fetch('https://api.grapevine.markets/v1/auth/nonce', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ wallet_address: account.address })
});
 
const { message } = await nonceRes.json();
 
// Sign the message
const signature = await walletClient.signMessage({ message });

2. Include headers in your requests

const headers = {
  'x-wallet-address': account.address,
  'x-signature': signature,
  'x-message': message,
  'x-timestamp': Math.floor(Date.now() / 1000).toString(),
  'x-chain-id': '84532' // Base Sepolia
};

Security Notes

  • Store private keys in .env files
  • Use different keys for testnet and mainnet
  • Reading data is public, creating data requires authentication

For complete examples, see the SDK documentation.