# Authentication

> **Note:** To get started with BloqStake services using an Ethereum PoW account, you must authenticate to the Bloq API. Please contact **<support@bloq.com>** to have your address whitelisted before authenticating.

This is a multi-step process:

1. obtain a nonce,
2. create a message,
3. sign it, and
4. send it back to receive an authentication token.

Note that the account must be enabled by the Bloq administrators as this is a permissioned service. Also note that the account is used to identify the user. It is not related to the validators and must be derived from a different mnemonic than the one used to create the validator keys.

### 1. Obtain a nonce

Obtain the alphanumeric random nonce required to authenticate using the address of the account mentioned above:

```shell
curl -X POST https://api.bloq.com/auth/users/<PUBLIC_ADDRESS>/nonce
```

> **Note**: The `PUBLIC_ADDRESS` must be lowercase or in EIP-55 checksum format.

The response will be a JSON with the user nonce.

```json
// Sample response
{
  "nonce": "<NONCE>"
}
```

### 2. Create the authentication message

Using the copy icon, copy the authentication message below into your preferred text editor and insert your public address, nonce, and ISO time string.

```
api.bloq.com wants you to sign in with your Ethereum account:
<PUBLIC_ADDRESS>

Signing In With Ethereum on Bloq

URI: https://api.bloq.com
Version: 1
Chain ID: 1
Nonce: <NONCE>
Issued At: <ISO_STRING_DATETIME_OF_SIGNING>
```

> **Note:** The signature time ISO string can be obtained by executing `new Date().toISOString()`. To obtain the signature time ISO string, you may use a JS browser to run the command.

### 3. Sign the authentication message

Visit <https://pure.finance/sign-message> and submit the authentication message to receive your signature. The signature will be used to authenticate to the Bloq API.

### 4. Send the signature to authenticate

Using the copy icon, copy the message below into your preferred text editor and insert your public address, signature, and identical ISO time string. Send the message and obtain your authentication token. Note your authentication token will expire after 12 hours.

```shell
curl -X POST https://api.bloq.com/auth \
  -H 'Content-Type: application/json' \
  -d '{
    "address": "<PUBLIC_ADDRESS>",
    "service": "stake",
    "signature": "<SIGNATURE>",
    "signedAt": "<ISO_STRING_DATETIME_OF_SIGNING>"
  }'
```

> **TIP:** If you are experiencing difficulties receiving a successful response, check your quotation marks to ensure they are in appropriate format.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.bloq.com/bloq-services/bloqstake/authenticate-to-bloq-api/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.