Quick Start

First, Create an API Secret Key on the InLoop Connect Dashboard and specify the ERC-20 tokens and/or NFTs that you would like to check for. This API key will identify your application when making API requests.

You may revoke an API key at any time.

Flow overview

How your users verify their NFT ownership

Your user clicks a Verify with token button on your website.
They are directed to InLoop Connect and are prompted to connect their wallet.
Once they connect their wallet, they will be redirected back to your page with a code appended to the query parameters. You can use this code to exchange for a user token and query for the user's ownership of which ERC-20 tokens and/or NFTs you specified in the dashboard.

See the Examples page for code samples, or check out the API details below.

API

Load an unbranded page for the user to connect their wallet

GET https://connect.inloop.to/oauth/authorize

Once the user connects their wallet, they will automatically be navigated to the provided URL with the encrypted code in a query parameter: https://<redirect_uri>?code=<code>. The generated authorization code expires 10 minutes after issuance. The purpose of this code is to be immediately exchanged for a permanent user token by calling the /api/v1/oauth/token endpoint below. Try it out! Visit https://connect.inloop.to/oauth/authorize?redirect_uri=https://google.com

Note: If the user clicks Cancel on the wallet connect flow, they will be navigated to redirect_uri without a code parameter. You might want to handle this case gracefully.

Query Parameters

Name

Type

Description

redirect_uri*

String

The URL to redirect the user once they've connected their wallet.

We will append a query string to this URL (?code=<code> OR &code=<code> if your URL already has query strings) that will contains a temporary authorization code that should subsequently be used to query https://connect.inloop.to/api/v1/oauth/token (below) to receive a user access token.

{
    // Response
}

Exchange a code for a user token

POST https://connect.inloop.to/api/v1/oauth/token

Returns a long-lived user access token to uniquely identify the user that authorized. This token does not expire.

Headers

Name

Type

Description

Authorization*

String

Bearer YOUR_API_SECRET_KEY

Request Body

Name

Type

Description

code*

string

The temporary authorization code received from the query string of the redirect_uri given to https://connect.inloop.to/oauth/authorize (above section)

{
    "user_token": "<user token>"
}

{
    error: "Description of error"
}

Something is wrong with the authorization code passed in. It is likely that the code expired (there is a 10 minute expiry from when the code was issued).

{
    // Response
}

List tokens (NFTs or ERC-20 tokens) from a user

GET https://connect.inloop.to/api/v1/users/:user_token/tokens

Returns a list of NFTs from the collection addresses specified in your InLoop Connect dashboard. Please anticipate that this endpoint will take some time to run, especially if a long list of tokens is being checked.

Path Parameters

Name

Type

Description

user_token*

String

The user_token of the user to verify. This token can be obtained from the /oauth/authorize and /oauth/token flow.

Headers

Name

Type

Description

Authorization*

Bearer YOUR_API_SECERT_KEY

{
    user_token: "<user token>",
    wallet_address: "<user's connected wallet address>",
    tokens_owned: [
        {
            contract_name: "My NFT",        
            contract_address: "0x02c0f2ab1a5c2df8a895d12b34c885cfd6897b75",
            token_ids: [1, 5], // Returns an empty list if no token IDs found. Returns `null` if type is "erc20"
            quantity: 2,            
            network: "ethereum", // (or "polygon")            
            token_type: "erc721", // (or "erc20")
        },
        ...
    ]
}

{
    // Response
}

{
    // Response
}

PreviousWelcome!NextExamples

Last updated 3 years ago