Skip to main content
POST
/
auth
/
session
Session Auth
curl --request POST \
  --url https://api.memoclaw.com/auth/session \
  --header 'Content-Type: application/json' \
  --data '
{
  "address": "<string>",
  "timestamp": 123,
  "signature": "<string>"
}
'
{
  "token": "<string>",
  "wallet": "<string>",
  "expires_at": "<string>"
}
This endpoint is free and does not require x402 payment.
Session auth lets you sign once with your wallet and use a JWT token for subsequent requests. This avoids signing every request individually and is used by the MemoClaw dashboard.

Request Body

address
string
required
Your EVM wallet address.
timestamp
number
required
Current Unix timestamp (seconds). Must be within 5 minutes of server time.
signature
string
required
Signature of the message memoclaw-auth:{timestamp} signed with your wallet’s private key.

Response (200)

token
string
JWT session token. Valid for 7 days. Include as Authorization: Bearer {token} in subsequent requests.
wallet
string
Your wallet address.
expires_at
string
ISO 8601 expiry timestamp for the token.

Example

curl -X POST https://api.memoclaw.com/auth/session \
  -H "Content-Type: application/json" \
  -d '{
    "address": "0x1234567890abcdef1234567890abcdef12345678",
    "timestamp": 1707800000,
    "signature": "0x..."
  }'
Response
{
  "token": "eyJhbGciOiJIUzI1NiIs...",
  "wallet": "0x1234567890abcdef1234567890abcdef12345678",
  "expires_at": "2026-02-20T17:00:00Z"
}

Errors

StatusDescription
401Invalid signature or expired timestamp.
422Missing required fields (address, timestamp, signature).
Session tokens are ideal for frontend applications like the dashboard where you don’t want to sign every request. For server-to-server usage, the free tier x-wallet-auth header or x402 payment is more straightforward.