Authentication

This is a simple walkthrough of handling user authentication with the Pi SDK and the Pi API. For a detailed explanation, refer to Pi.authenticate in the SDK reference and GET /me in the API reference.

Guide

Here is a list of steps you can follow when you authenticate users for your app:

Using pi-sdk-react? If your frontend uses pi-sdk-react, use usePiConnection() instead of calling window.Pi.authenticate() directly — the hook handles the authenticate() call internally and exposes accessToken in its return value. See pi-sdk-react docs and Common Mistakes — Mistake 7.

const { connected, accessToken } = usePiConnection();
// When connected === true, POST accessToken to your backend for verification (Step 2 below).

1. Call authenticate() of the Pi SDK

Using the Pi SDK authenticate() function, you can obtain user information along with the access token.

// authRes holds the access token and the user information.
const authRes = await window.Pi.authenticate(scopes, onIncompletePaymentFound);

2. Make a GET request to the /me Pi API endpoint using the access token for verification

To verify the data you got in step 1, send it to your backend. From there, make a GET request to the /me Pi API endpoint with the access token included in the Authorization header. If the access token is valid, the endpoint returns a response with a UserDTO. If the token is invalid, it returns an HTTP 401 Unauthorized code.

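// axios rejects the promise on a non-2xx status, so a 401 for an invalid token surfaces here as a thrown error.
const me = await axios.get('https://api.minepi.com/v2/me', {headers: {'Authorization': `Bearer ${accessToken}`}});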
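
The backend check from step 2, as an added example that is not code from the Pi SDK or its documentation: it treats the browser-supplied user data as a claim and takes the identity only from the /me response. Assumptions: the UserDTO has a `uid` field, the names `decideFromMe`, `verifyPiUser` and `stubPiApi` are hypothetical, and a fetch-style client is injected in place of axios so the flow runs offline against a constructed stub.

```javascript
// Added example, not Pi Network code: server-side check of a Pi access token.
const PI_ME_URL = 'https://api.minepi.com/v2/me'; // endpoint from the guide

// Pure decision step: map the /me response to an auth outcome.
// Assumption: UserDTO carries a string `uid` field.
function decideFromMe(status, body, claimedUid) {
  if (status === 401) return { ok: false, reason: 'invalid_token' };
  if (status !== 200) return { ok: false, reason: 'upstream_error' }; // fail closed
  if (!body || typeof body.uid !== 'string' || body.uid === '') {
    return { ok: false, reason: 'malformed_response' };
  }
  // The uid sent by the browser is only a claim; reject if /me disagrees.
  if (claimedUid !== undefined && claimedUid !== body.uid) {
    return { ok: false, reason: 'uid_mismatch' };
  }
  return { ok: true, user: body }; // identity comes from the API, not the client
}

// httpGet is injectable (hypothetical parameter) so the flow runs offline.
async function verifyPiUser(accessToken, claimedUid, httpGet = globalThis.fetch) {
  if (typeof accessToken !== 'string' || accessToken.trim() === '') {
    return { ok: false, reason: 'missing_token' }; // no network call needed
  }
  try {
    const res = await httpGet(PI_ME_URL, {
      headers: { Authorization: `Bearer ${accessToken}` },
    });
    const body = res.status === 200 ? await res.json() : null;
    return decideFromMe(res.status, body, claimedUid);
  } catch (err) {
    return { ok: false, reason: 'upstream_error' }; // network or JSON failure
  }
}

// Constructed stub standing in for the Pi API: one known token, anything else 401.
async function stubPiApi(url, opts) {
  const good = opts.headers.Authorization === 'Bearer constructed-valid-token';
  return good
    ? { status: 200, json: async () => ({ uid: 'uid-123', username: 'alice' }) }
    : { status: 401, json: async () => ({ error: 'unauthorized' }) };
}

// Demo against the stub: a token the API does not recognise is refused.
verifyPiUser('forged-token', 'uid-123', stubPiApi).then((r) => console.log(r));
```

Create the application session only when the result has `ok: true`, and key it on `user.uid` from the result rather than on anything the frontend sent.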