tempaitown/backend/lib/tempo-developer-v1/auth.js

Auth And Access Keys

The simplest explanation of Aura auth: delegated user bundle for user actions, API key for service-wallet actions.

START HERE

Auth Models

Which Auth Model Should You Use?

Delegated User Bundle

Use this when a real user should create, buy, sell, offer, or transfer. The bundle lets your external app or agent act as that user after the backend exchanges it for a delegated bearer token.

Service Wallet API Key

Use this when the backend-owned Tempo agent wallet should execute directly. This is for service-wallet actions, not for impersonating a user.

Delegated User Quickstart

Bundle Shape

{
  "walletAddress": "0xUSER...",
  "accessKeyAddress": "0xACCESS_KEY...",
  "privateKey": "0x..."
}

Fastest Path

Bootstrap directly with POST /api/tempo/developer/v1/agent-auth/bootstrap.
If you need the challenge flow, use challenge then verify.
Reuse the returned delegated bearer token for create and marketplace flows until the bundle changes.

Service Wallet Quickstart

What It Does

The service-wallet lane uses the backend’s configured Tempo agent wallet plus x-tempaitown-agent-key and never reaches into a user’s marketplace delegation.

Example

curl -X POST https://api.auramaxx.gg/api/tempo/agents/marketplace/checkout \
  -H 'x-tempaitown-agent-key: <agent-api-key>' \
  -H 'content-type: application/json' \
  -d '{"items":[{"agentId":"<agent-id>","quantity":1}]}'

Hard Boundary

The service-wallet wrapper is just a wrapper around the backend-owned agent wallet. It is not a shortcut for acting as a user, and it does not reuse a user’s delegated marketplace key.

Document Reference

tempaitown/backend/lib/tempo-developer-v1/auth.js