Picket Docs
Search…
Node.js Library - picket-node
Server side library for accessing picket endpoints.

Installation

npm install "@picketapi/picket-node"

Usage - Quick Start

The Picket constructor creates a new instance of the Picket class. It takes a secret API key as a parameter.
import Picket from "@picketapi/picket-node";
​
// Use your secret key when making calls from secure server
const picket = new Picket("YOUR_SECRET_KEY_HERE");
We’ve placed a placeholder secret API key in this example. Replace it with your actual api keys.

Nonce

A nonce is random value generated by the Picket API to that user must sign to prove ownership a wallet address. The nonce function can be used to implement your own wallet authentication flow.
A nonce is unique to a project and wallet address. If a nonce doesn't exist for the project and wallet address, Picket will generate a new nonce; otherwise, Picket will return the existing nonce. A nonce is valid for two minutes before self-destructing.
const { nonce } = await picket.nonce({
chain: "ethereum",
walletAddress: "0x_WALLET_ADDRESS"
});

Auth

auth is the server-side equivalent of login. auth should only be used in a trusted server environment. The most common use-case for auth is linking a wallet to an existing application account.

Wallet Authentication

Ethereum (Mainnet)
Solana
await picket.auth({
// optionally omit, the default chain is Ethereum
walletAddress: "0x_WALLET_ADDRESS",
signature: "SIGNATURE"
});
​
// or specifiy it explicitly
await picket.auth({
chain: "ethereum",
walletAddress: "0x_WALLET_ADDRESS",
signature: "SIGNATURE"
});
await picket.auth({
chain: "solana",
walletAddress: "0x_WALLET_ADDRESS",
signature: "SIGNATURE"
});

Token Gating

EVM-Compatible Chains
Solana
await picket.login({
// any supported EVM-compatible chain
// if omitted, defaults to "ethereum"
chain: "ethereum",
walletAddress: "0x_WALLET_ADDRESS",
signature: "SIGNATURE",
requirements: {
// restrict access to token holders
contractAddress: "0xCONTRACT_ADDRESS",
// omit if any number of tokens are acceptable
minTokenBalance: 1
}
});
await picket.auth({
chain: "solana",
walletAddress: "0x_WALLET_ADDRESS",
signature: "SIGNATURE",
requirements: {
// Replace this the tokens you want to verify ownership for
// the token ID is the mint associated with a SPL token
// user needs to own the minTokenBalance of at least one of the listed token
tokenIds: ["78AZe2223PknLYT9mn2VCJPAsdvuB6LzFAhgQeVoxddW", "2dQG4YYunFrbJjzW6UTcUmePs8UDy5jz43H6uSCZSAcS"],
// Replace with minimum balance you want to verify users' currently hold across all token IDs,
// or omit if any number of tokens is sufficient
minTokenBalance: 1
},
});

Verify Token Ownership

If you already have an access token for an authenticated wallet from the client, you can verify token ownership server side without requiring any future user interactions.
EVM-Compatible Chains
Solana
import Picket from "@picketapi/picket-node"
const picket = new Picket('YOUR_SECRET_KEY_HERE')
​
const requirements = {
// any supported EVM-compatible chain
// if omitted, defaults to "ethereum"
chain: "ethereum",
walletAddress: "WALLET_ADDRESS",
// Replace this example address with whichever contract you are verifying ownership for
contractAddress: '0x8a90cab2b38dba80c64b7734e58ee1db38b8992e',
// Replace with minimum balance you want to verify users' currently hold.
minTokenBalance: 1
}
​
const { allowed, contractAddress, numTokens } = await picket.tokenOwnership(requirements)
console.log(`Allowed == ${allowed} because ${request.walletAddress} has ${numTokens} for ${contractAddress}.`)
import Picket from "@picketapi/picket-node"
const picket = new Picket('YOUR_SECRET_KEY_HERE')
​
const requirements = {
chain: "solana",
walletAddress: "WALLET_ADDRESS",
// Replace this the tokens you want to verify ownership for
// the token ID is the mint associated with a SPL token
// user needs to own the minTokenBalance of at least one of the listed token
tokenIds: ["78AZe2223PknLYT9mn2VCJPAsdvuB6LzFAhgQeVoxddW", "2dQG4YYunFrbJjzW6UTcUmePs8UDy5jz43H6uSCZSAcS"],
// Replace with minimum balance you want to verify users' currently hold across all token IDs,
// or omit if any number of tokens is sufficient
minTokenBalance: 1
}
​
const { allowed, contractAddress, numTokens } = await picket.tokenOwnership(requirements)
console.log(`Allowed == ${allowed} because ${requirements.walletAddress} has ${numTokens} for ${contractAddress}.`)Validate
validate validates an access token. validate should be called, or manually access token validation should be done, server-side before trusting a request's access token. It's common to move access token validation and decoding logic to a shared middleware across API endpoints.
If the access token is valid, validate returns the decoded claims of the access token.
const decoded = await picket.validate("ACCESS_TOKEN");
Copy link
On this page
Installation
Usage - Quick Start
Nonce
Auth
Verify Token Ownership