Requestlogin – Trezor Connect Explorer

Method testing tool

Request login

Challenge-response authentication via Trezor. To protect against replay attacks you should use a server-side generated and randomized challengeHidden for every attempt. You can also provide a visual challenge that will be shown on the device.

Service backend needs to check whether the signature matches the generated challengeHidden, provided challengeVisual and stored publicKey fields. If that is the case, the backend either creates an account (if the publicKey identity is seen for the first time) or signs in the user (if the publicKey identity is already a known user).

To understand the full mechanics, please consult the Challenge-Response chapter of SLIP-0013: Authentication using deterministic hierarchy.

Note: callback and asyncChallenge parameters are now deprecated. Simply fetch the data first and pass it to the method.

const result = await TrezorConnect.requestLogin(params);

Params

Including CommonParams

RequestLoginSchema

challengeHidden

String

Required

hexadecimal value

challengeVisual

String

Required

text displayed on Trezor

origin

String

Optional

domain requesting the login, do not fill manually under normal circumstances

asyncChallenge

Undefined

Optional

callback

Undefined

Optional

Example

Login without async challenge

TrezorConnect.requestLogin({
    challengeHidden: '0123456789abcdef',
    challengeVisual: 'Login to',
});

Result

{
    success: true,
    payload: {
        address: string,
        publicKey: string,
        signature: string,
    }
}

Error

{
    success: false,
    payload: {
        error: string // error message
    }
}

Server side examples

Here is the reference implementation of the server-side signature verification written in various languages:

init unlockPath