Relayed Meta Data Authentication
Using the relayed meta data security schemes does not require blockchain-specific knowledge or blockchain interaction by an API provider and there are no blockchain transaction (gas) fees. Just apply the desired security scheme fields in the Airnode config.json
file during deployment of an Airnode, see [Building an Airno/reference/airnode/latest/understand/). Then have your API operations check for any security scheme values you configured (typically the sponsorAddress
) against your customer database.
Simple Example
The illustration below is one way to make use of relayed meta data for security purposes. Here a sponsor (a.k.a. developer or customer) submits their sponsorAddress
to be stored by an API provider. The sponsorAddress
can be used to authenticate requests by a sponsor's smart contracts.
The following sections relate to the numbers shown in the diagram above.
1: Deploy Airnode
An Airnode is deployed with the sponsorAddress
security scheme instructing Airnode to pass along the sponsorAddress
with all requests.
2: Register Sponsors
A sponsor is the developer of an on-chain smart contract that wishes to request off-chain data from an API provider. A sponsor has a know sponsorAddress
. The API provider can request the sponsorAddress
from the sponsor using a webform as part of a paid subscription setup.
3: Making Requests
When a smart contract (requester) makes a request of any API operation, the sponsorAddress
will be part of the request. A sponsor can have more than one requester.
- 3a: The requester makes a request to Airnode.
- 3b: Airnode adds the
sponsorAddress
to the request before passing the request to the API operation. The API operation performs a lookup on thesponsorAddress
to verify it has a subscription. If verified the API operation returns the response to Airnode. - 3c: Airnode returns the response to the requester.
Security Schemes
Including the sponsorAddress
used in the Simple Example above, there are five relayed meta data security schemes that can be incorporated into any Airnode.
- relayChainId - The chain ID the request came from.
- relayChainType - The chain type the request came from.
- relaySponsorAddress - The sponsor's wallet address. The sponsor owns and operates one or more requesters.
- relaySponsorWalletAddress - Other wallet addresses associated with each requester. These are owned and funded by a sponsor to pay on-chain gas costs.
- relayRequesterAddress - The on-chain address of the requester (smart contract).
- relayRequestId - The id of the request.