Enoki Docs
HTTP API Reference

Enoki API Specification

HTTP API for Enoki

POST
/v1/zklogin/nonce

Create zkLogin nonce

Generates a nonce used in the zkLogin OAuth flow. Using this API is not required, you can also construct a nonce client-side if desired.

/v1/zklogin/nonce

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

application/jsonRequired

networkstring

The Sui network you wish to use. Defaults to mainnet.

Default: "mainnet"Value in: "testnet" | "mainnet" | "devnet"

ephemeralPublicKey
Required
string

The ephemeral public key created during the zkLogin process, encoded as a base64 string.

additionalEpochsnumber

The amount of epochs that you would like to have the nonce be valid for.

Default: 2Minimum: 0Maximum: 30
curl -X POST "https://api.enoki.mystenlabs.com/v1/zklogin/nonce" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "network": "testnet",
    "ephemeralPublicKey": "string",
    "additionalEpochs": 2
  }'

Successful response

{
  "data": {
    "nonce": "string",
    "randomness": "string",
    "epoch": 0,
    "maxEpoch": 0,
    "estimatedExpiration": 0
  }
}

POST
/v1/zklogin/zkp

Create zkLogin ZKP

Creates a zero-knowledge proof, which is used to submit transactions to Sui.

/v1/zklogin/zkp

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

application/jsonRequired

networkstring

The Sui network you wish to use. Defaults to mainnet.

Default: "mainnet"Value in: "testnet" | "mainnet" | "devnet"

ephemeralPublicKey
Required
string

The ephemeral public key created during the zkLogin process, encoded as a base64 string.

maxEpoch
Required
integer

The maxEpoch created during the zkLogin process.

Minimum: 0

randomness
Required
string

The randomness created during the zkLogin process.

Header Parameters

zklogin-jwt
Required
string

The JWT of the user signed in with zkLogin.

curl -X POST "https://api.enoki.mystenlabs.com/v1/zklogin/zkp" \
  -H "zklogin-jwt: string" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "network": "testnet",
    "ephemeralPublicKey": "string",
    "maxEpoch": 0,
    "randomness": "string"
  }'

Successful response

{
  "data": {
    "proofPoints": null,
    "issBase64Details": null,
    "headerBase64": null,
    "addressSeed": "string"
  }
}

POST
/v1/transaction-blocks/sponsor

Create sponsored transaction

Creates sponsored transaction

/v1/transaction-blocks/sponsor

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

application/jsonRequired

networkstring

The Sui network you wish to use. Defaults to mainnet.

Default: "mainnet"Value in: "testnet" | "mainnet" | "devnet"

transactionBlockKindBytes
Required
string

Bytes of the transaction with the onlyTransactionKind flag set to true.

senderstring

The address sending the transaction. Include this parameter if not including the zklogin-jwt header. This option is only supported when calling the API from a backend service using a private key.

allowedAddressesarray<string>

List of Sui addresses that can be present in the transaction. These addresses are combined with the list configured in the Enoki Developer Portal. Transactions attempting to refer to or transfer assets outside of these addresses are rejected.

allowedMoveCallTargetsarray<string>

List of permitted Move targets the sponsored user's transactions can call.

Header Parameters

zklogin-jwtstring

The JWT of the user signed in with zkLogin.

curl -X POST "https://api.enoki.mystenlabs.com/v1/transaction-blocks/sponsor" \
  -H "zklogin-jwt: string" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "network": "testnet",
    "transactionBlockKindBytes": "string",
    "sender": "string",
    "allowedAddresses": [
      "string"
    ],
    "allowedMoveCallTargets": [
      "string"
    ]
  }'

Successful response

{
  "data": {
    "digest": "string",
    "bytes": "string"
  }
}

POST
/v1/transaction-blocks/sponsor/{digest}

Submits a sponsored transaction for execution

Submits a transaction created from /transaction-blocks/sponsor for execution.

/v1/transaction-blocks/sponsor/{digest}

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

application/jsonRequired

signature
Required
string

User signature of the transaction.

Path Parameters

digest
Required
string

The digest of the previously-created sponsored transaction block to execute.

curl -X POST "https://api.enoki.mystenlabs.com/v1/transaction-blocks/sponsor/string" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "signature": "string"
  }'

Successful response

{
  "data": {
    "digest": "string"
  }
}

GET
/v1/zklogin

Get address for zkLogin user

Returns the address and salt value for the given JWT. If the JWT is not valid, the API will return an error code.

/v1/zklogin

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Header Parameters

zklogin-jwt
Required
string

The JWT of the user signed in with zkLogin.

curl -X GET "https://api.enoki.mystenlabs.com/v1/zklogin" \
  -H "zklogin-jwt: string" \
  -H "Authorization: Bearer <token>"

Successful response

{
  "data": {
    "salt": "string",
    "address": "string",
    "publicKey": "string"
  }
}

GET
/v1/app

Get app metadata

Returns the public metadata (configured in the Enoki Developer Portal) of the app associated with the API key.

/v1/app

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

curl -X GET "https://api.enoki.mystenlabs.com/v1/app" \
  -H "Authorization: Bearer <token>"

Successful response

{
  "data": {
    "allowedOrigins": [
      "https://example.com"
    ],
    "authenticationProviders": [
      {
        "providerType": "google",
        "clientId": "..."
      }
    ],
    "domains": [
      {
        "nftId": "string",
        "name": "string",
        "network": "testnet"
      }
    ]
  }
}

GET
/v1/subnames

Get a list of subnames for an address

Get a list of subnames for an address

/v1/subnames

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Query Parameters

networkstring

The network subnames are registered on.

Default: "mainnet"Value in: "testnet" | "mainnet"

domainstring

The domain name the subname is on.

addressstring

The address to resolve subnames for

curl -X GET "https://api.enoki.mystenlabs.com/v1/subnames?network=testnet&domain=string&address=string" \
  -H "Authorization: Bearer <token>"

Successful response

{
  "data": {
    "subnames": [
      {
        "name": "string",
        "status": "PENDING"
      }
    ]
  }
}

POST
/v1/subnames

Create a subname

Creates a subname

/v1/subnames

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

application/jsonRequired

domain
Required
string

The domain name to create the subname under.

networkstring

The network the domain and subname are registered on.

Default: "mainnet"Value in: "testnet" | "mainnet"

subname
Required
string

The subname to create.

targetAddressstring

The address the new subname will resolve to

Header Parameters

zklogin-jwtstring

The JWT of the user signed in with zkLogin.

curl -X POST "https://api.enoki.mystenlabs.com/v1/subnames" \
  -H "zklogin-jwt: string" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "domain": "string",
    "network": "testnet",
    "subname": "string",
    "targetAddress": "string"
  }'

Successful response

{
  "data": {
    "name": "string"
  }
}

DELETE
/v1/subnames

Delete a subname

Deletes a subname

/v1/subnames

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

application/jsonRequired

domain
Required
string

The domain name the subname is on.

networkstring

The network the domain and subname are registered on.

Default: "mainnet"Value in: "testnet" | "mainnet"

subname
Required
string

The subname to delete.

targetAddressstring

The address the new subname will resolve to

curl -X DELETE "https://api.enoki.mystenlabs.com/v1/subnames" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "domain": "string",
    "network": "testnet",
    "subname": "string",
    "targetAddress": "string"
  }'

Successful response

{
  "data": {
    "name": "string"
  }
}

Previous

HTTP API Reference

Next

Enoki Developer Portal FAQ