Skip to main content
POST
/
v1
/
w3s
/
user
/
sign
/
message
Create a challenge to sign message
curl --request POST \
  --url https://api.circle.com/v1/w3s/user/sign/message \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-User-Token: <x-user-token>' \
  --data '
{
  "message": "I agree with this transfer",
  "walletId": "c4d1da72-111e-4d52-bdbf-2e74a2d803d5",
  "blockchain": "MATIC-AMOY",
  "walletAddress": "0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350",
  "encodedByHex": false,
  "memo": "Transfer USDC to Sam"
}
'
import requests

url = "https://api.circle.com/v1/w3s/user/sign/message"

payload = {
"message": "I agree with this transfer",
"walletId": "c4d1da72-111e-4d52-bdbf-2e74a2d803d5",
"blockchain": "MATIC-AMOY",
"walletAddress": "0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350",
"encodedByHex": False,
"memo": "Transfer USDC to Sam"
}
headers = {
"X-User-Token": "<x-user-token>",
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {
'X-User-Token': '<x-user-token>',
Authorization: 'Bearer <token>',
'Content-Type': 'application/json'
},
body: JSON.stringify({
message: 'I agree with this transfer',
walletId: 'c4d1da72-111e-4d52-bdbf-2e74a2d803d5',
blockchain: 'MATIC-AMOY',
walletAddress: '0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350',
encodedByHex: false,
memo: 'Transfer USDC to Sam'
})
};

fetch('https://api.circle.com/v1/w3s/user/sign/message', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.circle.com/v1/w3s/user/sign/message",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'message' => 'I agree with this transfer',
'walletId' => 'c4d1da72-111e-4d52-bdbf-2e74a2d803d5',
'blockchain' => 'MATIC-AMOY',
'walletAddress' => '0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350',
'encodedByHex' => false,
'memo' => 'Transfer USDC to Sam'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json",
"X-User-Token: <x-user-token>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.circle.com/v1/w3s/user/sign/message"

payload := strings.NewReader("{\n \"message\": \"I agree with this transfer\",\n \"walletId\": \"c4d1da72-111e-4d52-bdbf-2e74a2d803d5\",\n \"blockchain\": \"MATIC-AMOY\",\n \"walletAddress\": \"0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350\",\n \"encodedByHex\": false,\n \"memo\": \"Transfer USDC to Sam\"\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("X-User-Token", "<x-user-token>")
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.circle.com/v1/w3s/user/sign/message")
.header("X-User-Token", "<x-user-token>")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"message\": \"I agree with this transfer\",\n \"walletId\": \"c4d1da72-111e-4d52-bdbf-2e74a2d803d5\",\n \"blockchain\": \"MATIC-AMOY\",\n \"walletAddress\": \"0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350\",\n \"encodedByHex\": false,\n \"memo\": \"Transfer USDC to Sam\"\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.circle.com/v1/w3s/user/sign/message")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["X-User-Token"] = '<x-user-token>'
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"message\": \"I agree with this transfer\",\n \"walletId\": \"c4d1da72-111e-4d52-bdbf-2e74a2d803d5\",\n \"blockchain\": \"MATIC-AMOY\",\n \"walletAddress\": \"0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350\",\n \"encodedByHex\": false,\n \"memo\": \"Transfer USDC to Sam\"\n}"

response = http.request(request)
puts response.read_body
{
  "data": {
    "challengeId": "c4d1da72-111e-4d52-bdbf-2e74a2d803d5"
  }
}
{
"data": {
"challengeId": "c4d1da72-111e-4d52-bdbf-2e74a2d803d5"
}
}
{
"code": 400,
"message": "Bad request."
}
{
"code": 401,
"message": "Malformed authorization."
}
{
"code": 404,
"message": "Not found."
}

Authorizations

Authorization
string
header
required

Circle's API Keys are formatted in the following structure "PREFIX:ID:SECRET". All three parts are required to make a successful request.

Headers

X-User-Token
string
required

Unique system generated JWT session token for specific user.

X-Request-Id
string<uuid>

Developer-provided identifier for this request, used for tracing requests in Wallets API logs and the Developer Console, and when communicating with Circle Support. Must be a UUID to appear in logs. Non-UUID values are accepted by the API but are ignored by logging and tracing systems.

A unique identifier, which can be helpful for identifying a request when communicating with Circle support.

Example:

"2adba88e-9d63-44bc-b975-9b6ae3440dde"

Body

application/json

Sign message for end user request

message
string
required

The user friendly message that needs to be signed. If it is a hex string, encodedByHex needs to be TRUE. The hex string should start with “0x” and have even length.

Example:

"I agree with this transfer"

walletId
string<uuid>

System-generated unique identifier of the resource.

Example:

"c4d1da72-111e-4d52-bdbf-2e74a2d803d5"

blockchain
enum<string>

The blockchain network that the resource is to be created on or is currently on.

Available options:
ETH,
ETH-SEPOLIA,
AVAX,
AVAX-FUJI,
MATIC,
MATIC-AMOY,
SOL,
SOL-DEVNET,
ARB,
ARB-SEPOLIA,
NEAR,
NEAR-TESTNET,
EVM,
EVM-TESTNET,
UNI,
UNI-SEPOLIA,
BASE,
BASE-SEPOLIA,
OP,
OP-SEPOLIA,
APTOS,
APTOS-TESTNET,
ARC-TESTNET,
MONAD,
MONAD-TESTNET
Example:

"MATIC-AMOY"

walletAddress
string

Blockchain generated unique identifier, associated with wallet (account), smart contract or other blockchain objects.

Example:

"0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350"

encodedByHex
boolean

Indicator of whether the input message is encoded by hex. If TRUE, then the message should be a hex string. By default, it is False.

Example:

false

memo
string

The human readable explanation for this sign action. Useful for presenting with extra information.

Example:

"Transfer USDC to Sam"

Response

Signature already exists

data
object
required