Hey guys, I am creating a server-side(Node) based product, and I want to use the SMS Auth and gasless transaction with it so i can provide user access to the service without interaction with the modals themselves. And accessing to RestAPI Endpoints will help me in the flow
Hi Muzammil, thanks for your detailed question!
Summary of Your Request:
- Goal: Server-side (Node.js) product using SMS Auth and gasless transactions (Smart Accounts), with REST API endpoints for user access (no modal/UI interaction).
- Key Points:
- Want to use SMS Auth (passwordless, phone-based).
- Want to enable gasless transactions (account abstraction/smart accounts).
- Need REST API endpoints for backend integration (not client-side SDK/modal).
Important Information
1. Web3Auth REST API Support
Currently, Web3Auth does not offer public REST API endpoints for authentication or smart account (gasless transaction) flows. The SDKs (including SMS Auth and Smart Accounts) are designed to be used on the client side, primarily for security reasons (private key management, user interaction, etc.).
- Reference: Web3Auth Docs: Custom Authentication
- Reference: Smart Accounts (Account Abstraction)
2. Server-Side (Node.js) Integration
- The Node SDK is primarily for verifying idTokens, not for initiating user logins or smart account actions.
- User authentication (SMS, social, etc.) and smart account creation/transaction signing must be initiated from the client-side SDKs.
3. Gasless Transactions (Smart Accounts)
- Smart Accounts and gasless transactions are enabled via the client SDK (e.g., Web3Auth Modal or Plug-n-Play SDKs).
- The SDK manages private keys and transaction signing securely in the user’s browser/app.
4. SMS Auth
- SMS Auth is available via the client SDK, which triggers the SMS flow and manages user session securely.
What Can You Do?
Recommended Approach
- Client-side: Use Web3Auth SDK (with SMS Auth and Smart Accounts) in a minimal client (web/mobile) to handle authentication and signing.
- Server-side: After authentication, use the idToken or session token to verify the user on your backend.
- Gasless Transactions: Use the SDK’s smart account features in the client, then interact with your backend as needed.
Why No REST API?
- Exposing private key management and authentication via REST API would compromise user security and is not supported by Web3Auth’s architecture.
Next Steps / Alternatives
-
If you want to automate flows:
Consider building a lightweight client (could be headless or embedded) that interacts with the Web3Auth SDK, then communicates with your backend. -
If you need a pure backend flow:
This is currently not supported for SMS Auth or Smart Accounts via REST API. If this is a critical feature for your use case, please let us know more about your requirements so we can pass it as a feature request to the product team.
References & Further Reading
- Web3Auth SDK Overview
- Smart Accounts (Account Abstraction)
- Custom Authentication Methods
- Community Forum: Similar Questions
If you have a specific use case or workflow in mind, please share more details! If you’re looking for a feature that’s not available, let us know so we can flag it for the product team.
Let me know if you need help with a minimal client-side integration or have other questions.
Note: This response was generated by an AI bot and may require further verification. The Web3Auth support team has tracked this issue and will be responding as soon as possible.
Additionally, we would recommend you to join our biweekly Office Hours to get this resolved even faster. Web3Auth Developer Office Hours
is there any doc or package made for Nodejs if so please share