auth_url fix

Co-authored-by: monlovesmango <96307647+monlovesmango@users.noreply.github.com>
Username should be "name" to match NIP-05.
2025-12-08 16:18:50 +00:00 · 2024-02-11 23:12:15 -03:00 · 2024-02-11 20:53:08 -03:00 · 2024-02-07 07:35:38 +00:00 · 2024-02-06 23:27:22 +00:00 · 2024-01-08 22:11:08 +00:00
1 changed files with 27 additions and 0 deletions
--- a/46.md
+++ b/46.md
@@ -32,6 +32,10 @@ nostrconnect://<client-key-hex>?relay=wss://...&metadata={"name":"...", "url": "

 The signer scans the QR code and sends a `connect` message to the client in the specified relays.

+### Using a NIP-05
+
+Clients can choose to connect with a backend with just a NIP-05 for the target user. The user enters a NIP-05 Nostr Address, which the client uses to resolve to a pubkey. NIP-05's nostr.json SHOULD include a `nip46` root element of the pubkey and the relays that should be used to communicate with the remote signer for this pubkey.
+
 ## Event payloads

 Event payloads are [NIP-04](04.md)-encrypted JSON blobs that look like JSONRPC messages (their format is specified inside the `.content` of the event formats nelow).
@@ -64,6 +68,23 @@ And the events the remote signer sends to the client have the following format:

 The signer key will always be the key of the user who controls the signer device.

+### Auth URL response
+A signer can reply with a `result: "auth_url", error: "<url>"`. This response can provide an easier way for the user to authorize this client to perform an action. Clients can redirect/popup this URL so the user can take an action directly on the signer backend.
+
+When redirecting, the client can choose to add a `callbackUrl` query string parameter to tell the signer where to send the user after an action has been performed.
+
+#### Example flow:
+
+* User goes to a new client
+* Logins by typing their nip-05 "hello@example.com"
+* Client gets example.com/.well-known/nostr.json?name=hello
+* Client finds nip46 relays wss://relay.example.com and pubkey <123>
+* Client sends `connect` with remote pubkey `<123>`
+* Signer sends back `result: "auth_url", error: "https://auth.example.com/some-long-secret-path"`
+* Client opens popup for `auth_url` (for example `https://auth.example.com/ABCD`)
+* User authorizes the client to sign on behalf of pubkey <123>
+* Client's `connect` RPC call is `ack`ed.
+
 ### Methods

 - **connect**
@@ -96,4 +117,10 @@ The signer key will always be the key of the user who controls the signer device
 - **ping**
  - params: []
  - result: `"pong"`
+- **create_account**
+  - params: `["name", "domain", "email"]
+  - result: `generated-pubkey`
+
+#### Account creation
+This method creates a new key inside the backend. All params are optional. Username+domain can be specified so a NIP-05 record is created to point to this key. Email is an optional parameter that allows the backend to check if this user has already created an account in this backend. The `create_account` method should be sent to the pubkey of the bunker, which should match the root NIP-05 entry (`_@domain`).
Author	SHA1	Message	Date
fiatjaf_	60c3e9fab7	`auth_url` fix Co-authored-by: monlovesmango <96307647+monlovesmango@users.noreply.github.com>	2024-02-11 23:12:15 -03:00
fiatjaf_	f38b7ab619	Username should be "name" to match NIP-05. Co-authored-by: Alex Gleason <alex@alexgleason.me>	2024-02-11 20:53:08 -03:00
Pablo Fernandez	667254eb7f	Update 46.md Co-authored-by: monlovesmango <96307647+monlovesmango@users.noreply.github.com>	2024-02-07 07:35:38 +00:00
Pablo Fernandez	db93c0d05f	Update 46.md Co-authored-by: Alex Gleason <alex@alexgleason.me>	2024-02-06 23:27:22 +00:00
Pablo Fernandez	5868d4f67a	Update 46.md Co-authored-by: fiatjaf_ <fiatjaf@gmail.com>	2024-01-08 22:11:08 +00:00
Pablo Fernandez	7dc72f967c	correct unforgivable typos	2024-01-08 17:15:04 +00:00
Pablo Fernandez	a411c4ac7f	create_account command	2024-01-08 16:19:46 +00:00