Implement BFF design pattern w/ web3auth

We are developing a backend application where we implement the BFF design pattern using Web3Auth. From checking, it seems that there is no open API for Web3Auth. Is there a better way to fulfill our requirements?

We do have an SFA Node SDK which you can use for the backend. Check out the documentation for the SFA Node SDK. Let me know if this helps you.

Hi Ayush

Thanks for responding. Our backend is built with ASP.NET Core, and the package that you have provided seems to be compatible with Node instead.

Do you have an approach where we can integrate ASP.NET with the Web3Auth package?

Is there also a way to get the token generated by Google upon login?

Hey @service3, unfortunately we don't have public-facing APIs. We do have a Wallet Pregeneration API which you can use to get the public address for a particular email or unique verifier id.

If you want the private key, the only way would be to spin up your own Node server, use the Web3Auth Node SDK and expose the APIs.

Also, you can check out the documentation for Google OAuth login to get the JWT token.

Thanks @Ayush for responding.

I appreciate the suggestion to use the pregeneration API. However, I still need the private key for some tasks.

Could you please clarify how to use a JWT token generated from Google in Web3Auth? Specifically, I have an identity server that connects to Google and generates the token. The clientId used there is the same as the one configured in the Web3Auth dashboard.

Will this token be accepted for accessing Web3Auth APIs?

Looking forward to your guidance. Thank you!

Hey @service3, since one of the account shares is the social login in Web3Auth, we use the JWT token to verify that the token is coming from the intended user, and is actually signed by the user. The Web3Auth network uses JWKS to verify the token before returning the social login share.

The steps for using the JWT token from Google would be:

  1. Create a custom verifier in your Web3Auth project using the Dashboard.
  2. Log in with Google and get the JWT token / idToken.
  3. Use the SFA Node SDK to pass the JWT token and the verifier id field which you selected when setting up the custom verifier, along with the verifier name.
  4. The success response will have the private key along with the EVM address.

For more details, you can check out this doc.

Hi @Ayush

Thank you for your prompt response. I got the error below and I am unsure where to find the fix for it:

Error: Error occurred while verifying params email not equal to body.email 103390838046460814342 test.email@gmail.com
    at D:\Workspace\node_project\w3a-quick-start\node_modules\@toruslabs\torus.js\dist\torusUtils.cjs.js:749:20
    at <anonymous>
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

This is happening in this line of code:

  const provider = await web3auth.connect({
    verifier: "web3auth-custom-verifier", // replace with your verifier name
    verifierId: sub, // replace with your verifier id's value, for example, sub value of JWT Token, or email address.
    idToken: googleJWTtoken, // replace with your newly created unused JWT Token.
  });

I already solved this. My mistake was that the verifierId should be the email from the Google token payload.

This is what it looks like:

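// Assumption: `client` is an OAuth2Client from google-auth-library,
// created with the same googleClientId that is used as the audience below.
const { OAuth2Client } = require("google-auth-library");
const client = new OAuth2Client(googleClientId);

// Verifies the Google ID token (signature and audience) and returns its claims.
async function verifyIdToken(idToken) {
  const ticket = await client.verifyIdToken({
    idToken,
    audience: googleClientId,
  });
  return ticket.getPayload();
}
  const payload = await verifyIdToken(googleJWTtoken);

  const provider = await web3auth.connect({
    verifier: "web3auth-custom-verifier", // replace with your verifier name
    verifierId: payload.email, // google email address from the payload.
    idToken: googleJWTtoken, // replace with your newly created unused JWT Token.
  });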
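
The mismatch behind the error in this thread can be caught before calling `web3auth.connect()`. The following is an added example, not code from the thread or from Web3Auth: it decodes the idToken payload and checks that `verifierId` equals the claim chosen as the verifier id field, and that `aud` and `exp` are sane. The function names, the `verifierIdField` parameter and the sample `aud` value are assumptions, and the sample token is constructed and unsigned.

```javascript
// Added example: pre-flight check before web3auth.connect().
// It only decodes the idToken payload; signature verification is still done
// by your OAuth library and by the Web3Auth network (JWKS).

function decodeJwtPayload(idToken) {
  const parts = idToken.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// verifierIdField (assumed parameter name): the JWT claim selected as the
// verifier id field when the custom verifier was created, e.g. "email" or "sub".
function preflightVerifierId({ idToken, verifierId, verifierIdField, expectedAud, nowSec }) {
  const payload = decodeJwtPayload(idToken);
  const problems = [];
  const claim = payload[verifierIdField];
  if (claim === undefined) {
    problems.push(`token has no "${verifierIdField}" claim`);
  } else if (String(claim) !== String(verifierId)) {
    problems.push(`verifierId does not equal the token's "${verifierIdField}" claim`);
  }
  if (![].concat(payload.aud).includes(expectedAud)) {
    problems.push("aud does not match the expected client id");
  }
  if (typeof payload.exp !== "number" || payload.exp <= nowSec) {
    problems.push("token is expired or has no exp");
  }
  return problems; // an empty array means the inputs are consistent
}

// Constructed, unsigned sample token for offline use (sub/email from the error above).
function makeSampleToken(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(payload)}.constructed-signature`;
}

const SAMPLE_AUD = "example-client-id.apps.googleusercontent.com"; // constructed value
const sampleToken = makeSampleToken({
  sub: "103390838046460814342", email: "test.email@gmail.com",
  aud: SAMPLE_AUD, exp: 2000000000,
});
const common = { idToken: sampleToken, verifierIdField: "email", expectedAud: SAMPLE_AUD, nowSec: 1900000000 };
// Passing the sub while the verifier expects the email reports one problem.
console.log(preflightVerifierId({ ...common, verifierId: "103390838046460814342" }));
// Passing the email from the payload reports none.
console.log(preflightVerifierId({ ...common, verifierId: "test.email@gmail.com" }));
```

Run the check only on a token that has already passed signature verification, and log the returned problems rather than the token itself.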
