> ## Documentation Index > Fetch the complete documentation index at: https://docs.luxxon.dev/llms.txt > Use this file to discover all available pages before exploring further. # Issue SIWE challenge > Step 1 of wallet sign-in. Returns a single-use nonce + the exact message to sign with the wallet's private key. The nonce expires in 5 minutes. Public — no auth required. ## OpenAPI ````yaml /openapi.json post /api/v1/auth/wallet/challenge openapi: 3.0.0 info: title: Luxxon API description: Programmable vision — on-demand live video feeds version: 0.1.0 contact: {} servers: - url: https://api.luxxon.dev/api/v1 security: [] tags: - name: Authentication description: SIWE wallet sign-in. Used by the dashboard; API-key callers skip this. - name: Me description: Identity self-introspection — wallet or API key. - name: Workspaces description: Tenant root. Coverage area, availability, members. - name: API keys description: Per-workspace scoped credentials (lxxn_*). - name: Pricing description: Live rate + optional pre-quoted rate lock. - name: Sessions description: 'Visual session lifecycle: request → dispatch → authorize → start → end.' - name: Wallet description: On-chain wallet state and event log for a workspace. - name: Settlements description: On-chain settlement view per session. - name: Health description: Proof-of-life. No auth. - name: Webhooks description: Inbound video events from Cloudflare Stream. Internal. paths: /api/v1/auth/wallet/challenge: post: tags: - Authentication summary: Issue SIWE challenge description: >- Step 1 of wallet sign-in. Returns a single-use nonce + the exact message to sign with the wallet's private key. The nonce expires in 5 minutes. Public — no auth required. operationId: LxWalletAuthController_walletChallenge parameters: [] requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/LxChallengeDto' responses: '200': description: Request successful content: application/json: schema: allOf: - $ref: '#/components/schemas/LxSuccessResponseDto' - properties: data: $ref: '#/components/schemas/LxChallengeResponseDto' '400': description: INVALID_INPUT content: application/json: schema: $ref: '#/components/schemas/LxErrorResponseDto' examples: INVALID_INPUT: summary: INVALID_INPUT — Invalid request payload value: statusCode: 400 code: INVALID_INPUT message: Invalid request payload detail: invalid_input:example timestamp: '2026-05-13T12:00:00.000Z' components: schemas: LxChallengeDto: type: object properties: walletAddress: type: string example: '0xAbC0000000000000000000000000000000000001' description: EIP-55 checksummed wallet address requesting sign-in. required: - walletAddress LxSuccessResponseDto: type: object properties: statusCode: type: number example: 200 message: type: string example: Request successful data: type: object description: Endpoint-specific payload. See the per-endpoint schema. timestamp: type: string example: '2026-05-13T12:00:00.000Z' required: - statusCode - message - data - timestamp LxChallengeResponseDto: type: object properties: nonce: type: string example: 9f3a2b1c0d4e5f6a7b8c9d0e1f2a3b4c description: Random hex nonce. Single-use, expires in 5 minutes. message: type: string example: |- Luxxon — sign in to prove wallet ownership. Address: 0xAbC... Nonce: 9f3a... Expires: 2026-05-13T12:05:00.000Z description: The exact bytes to sign — server-issued; do not modify. expiresAt: type: string example: '2026-05-13T12:05:00.000Z' required: - nonce - message - expiresAt LxErrorResponseDto: type: object properties: statusCode: type: number example: 400 code: type: string example: INVALID_INPUT description: Machine-readable error code — see ErrorCodes. message: type: string example: Invalid request payload detail: type: string example: session:workspaceMismatch description: Short, safe-to-expose label scoping the failure site. timestamp: type: string example: '2026-05-13T12:00:00.000Z' required: - statusCode - code - message - timestamp ````