7.3. Logging in with a login key

To log in with a Blockchain key, the following happens:

  • User requests a challenge phase from the BDTS app
  • The phrase is locally signed using the private key
  • The signed message is sent to the server
  • The server verifies the signature on the blockchain using the smart contract
  • The user receives an OAuth token which he uses for further requests


Request the challenge:

# Get the challenge
curl -s -L https://app.smartbl.io/api/v1/challenge/


    "challenge_string": "cHoPMZxRry_hnhXnmRofKHJGKgU"

Now sign the challenge locally using web3 and log in using the signed challenge:

# username is the public Ethereum address of the key
# Password is the HEX encoded signed challenge
curl -s https://client_id:[email protected]/oauth/token/ \


    // Token expiry time
    "expires_in": 600,
    // Refresh token
    "refresh_token": "cU8PqVszJXX8A3bzFWKjMUfJK3nXXB",
    // Access token to be used in Authentication: Bearer <token>
    "access_token": "WlMxwPLaAG3krmvJxyzkSiVgIGaPIdH",
    // Token type. Currently only “Bearer” is available
    "token_type": "Bearer",
    "scope": "read write"