Exchange Token
Exchange auth token for user profile and create OAuth session.
Endpoint
POST /api/oauth/exchange
Headers
X-API-Key: your-api-key
Content-Type: application/json
Request
{
"authToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
| Field | Type | Required | Description |
|---|---|---|---|
authToken | string | Yes | JWT token from authentication flow |
Response
{
"status": true,
"message": "Token exchanged successfully",
"data": {
"user": {
"email": "user@example.com",
"name": "John Doe",
"profileImage": "https://example.com/profile.jpg",
"walletAddress": "0x1234567890abcdef1234567890abcdef12345678"
},
"session": {
"id": "507f1f77bcf86cd799439011",
"createdAt": "2024-01-15T10:30:00.000Z"
}
}
}
Response Fields
| Field | Type | Description |
|---|---|---|
user.email | string | User email |
user.name | string | User name (optional) |
user.profileImage | string | null | Profile image URL |
user.walletAddress | string | Wallet address |
session.id | string | Session ID |
session.createdAt | string | Session creation timestamp |
Errors
| Status | Message |
|---|---|
400 | Validation failed |
401 | Invalid API key / Invalid or expired token |
404 | User not found |
Example
curl -X POST "https://api.reeng.xyz/api/oauth/exchange" \
-H "X-API-Key: your-api-key" \
-H "Content-Type: application/json" \
-d '{
"authToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}'
Notes
- Auth token expires in 15 minutes
- Existing sessions return cached data
- Session expires in 15 minutes
- Session tracks IP and user agent
Complete Flow
// 1. Generate Auth URL
const { authUrl } = await fetch(
'https://api.reeng.xyz/api/oauth/generate-auth-url?clientId=your-client-id',
{
method: 'POST',
headers: {
'X-API-Key': 'your-api-key',
'Content-Type': 'application/json'
},
body: JSON.stringify({
redirectUri: 'https://your-app.com/callback',
state: 'random-state-123'
})
}
).then(r => r.json());
// 2. User completes authentication → receives authToken
// 3. Exchange Token
const { user, session } = await fetch(
'https://api.reeng.xyz/api/oauth/exchange',
{
method: 'POST',
headers: {
'X-API-Key': 'your-api-key',
'Content-Type': 'application/json'
},
body: JSON.stringify({ authToken })
}
).then(r => r.json());