Skip to main content
Checkout these autogenerated SDK docs detailing classes, methods, and types available.

Request signing

All state-changing requests made to the Dfns API must be cryptographically signed. The SDK handles this automatically when you configure a signer. See backend SDK concepts for details.

AsymmetricKeySigner

AsymmetricKeySigner in the @dfns/sdk-keysigner package implements CredentialSigner for server-side use. 
import { AsymmetricKeySigner } from '@dfns/sdk-keysigner'

const keySigner = new AsymmetricKeySigner({
  credId: 'X2ktMzhxaTEtZTF1bTgtOXY1cG9yY2tkZDe1dG1jYg', // Credential ID
  privateKey: process.env.DFNS_PRIVATE_KEY!, // Credential private key
})
ParameterDescription
credIdID of the credential registered with your token. Find it in the Dfns Dashboard under Settings > Service Accounts or Settings > Personal Access Tokens.
privateKeyPEM-formatted private key associated with the public key you registered when creating your PAT or Service Account.

DfnsApiClient

DfnsApiClient is the main client for direct signing. It handles the full signing flow internally. 
import { DfnsApiClient } from '@dfns/sdk'

const dfns = new DfnsApiClient({
  baseUrl: 'https://api.dfns.io',
  orgId: 'or-...',
  authToken: '...',
  signer, // an AsymmetricKeySigner
})

const wallet = await dfns.wallets.createWallet({
  body: { network: 'EthereumSepolia' },
})

const { assets } = await dfns.wallets.getWalletAssets({ walletId: wallet.id })

DfnsDelegatedApiClient

DfnsDelegatedApiClient is the client for delegated signing. Use it when users sign from their own device using passkeys. The difference with DfnsApiClient:
  • No CredentialSigner in the constructor (signing happens externally)
  • Every state-changing method is split into init and complete steps
import { DfnsDelegatedApiClient } from '@dfns/sdk'

const dfnsDelegated = new DfnsDelegatedApiClient({
  baseUrl: 'https://api.dfns.io',
  orgId: 'or-...',
  authToken: userAuthToken,
})

const challenge = await dfnsDelegated.wallets.createWalletInit(payload)

// ... send challenge to frontend, user signs with passkey ...

const wallet = await dfnsDelegated.wallets.createWalletComplete(payload, signedChallenge)

BaseAuthApi

BaseAuthApi provides special auth-related methods, including unauthenticated endpoints for login and registration flows. 
import { BaseAuthApi } from '@dfns/sdk/baseAuthApi'

BaseAuthApi.createUserActionChallenge()
BaseAuthApi.signUserActionChallenge()
BaseAuthApi.createUserLoginChallenge()
BaseAuthApi.createUserLogin()
BaseAuthApi.createUserRegistrationChallenge()
BaseAuthApi.createUserRegistration()
Last modified on March 13, 2026