Authentication
Using the Wallet
The recommended way to authenticate users is by using Wallet Authentication. This provides your app with access to a User
object that contains the user's wallet address, username, and other information.
export type User = {
walletAddress?: string
username?: string
profilePictureUrl?: string
permissions?: {
notifications: boolean
contacts: boolean
}
optedIntoOptionalAnalytics?: boolean
worldAppVersion?: number
deviceOS?: string
}
In addition we have two helper functions to make it easier to get User information.
MiniKit.getUserByAddress(address: string): Promise<User>
MiniKit.getUserByUsername(username: string): Promise<User>
// Returns
return {
walletAddress: '0x...',
username: 'John Doe',
profilePictureUrl: 'https://example.com/profile.png',
};
How it works
Using NextAuth you can easily create and manage sessions for your app. The starter template is already set up with NextAuth. To extend this to other wallet providers, you simply need to trigger the wallet auth command and verify the response with verifySiweMessage.
Starting from World App 2.8.79 and higher, we support the standard SIWE verification library.
SIWE Implementations
- Privy: You can find a complete integration guide at Worldcoin Mini App SIWE with Privy
- Custom Implementation: Use the wallet auth command.
Alternative Authentication Methods
- OAuth (Google, Apple, etc.): These providers are supported but it's recommended to trigger this outside of the World App and then redirect back to your mini app with the access token
worldapp://mini-app?app_id=appId&path=/handle-oauth?accessToken=...
. - Sign in with World ID: Not recommended as it doesn't provide the user's wallet address.