Skip to main content

Login

Authenticate a user and obtain a JWT token for accessing protected endpoints.

Authentication

Requires JWT authentication via Authorization: Bearer <token> header.

Headers

Authorization
string
required
Bearer token for authentication
Authorization: Bearer <your_jwt_token>
Content-Type
string
required
Request content type
Content-Type: application/json
Accept
string
required
Response content type
Accept: application/json
Origin
string
required
Request origin
Origin: https://pump.fun

Request Body

wallet
string
required
User’s wallet address for authentication
signature
string
required
Cryptographic signature proving wallet ownership
message
string
required
The message that was signed by the wallet

Response

201
object
Successfully authenticated

Response Schema

token
string
JWT authentication token for subsequent API requests
expiresIn
number
Token expiration time in seconds
user
object
Authenticated user information
id
string
User’s unique identifier
wallet
string
User’s wallet address
username
string
User’s display name

Example Usage

curl -X POST "https://frontend-api-v3.pump.fun/auth/login" \
  -H "Authorization: Bearer <your_token>" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -H "Origin: https://pump.fun" \
  -d '{
    "wallet": "<wallet_address>",
    "signature": "<signature>",
    "message": "<signed_message>"
  }'

Error Responses

400
object
Bad Request - Invalid credentials or malformed request
{
  "statusCode": 400,
  "message": "Invalid signature or wallet address"
}
401
object
Unauthorized - Authentication failed
{
  "statusCode": 401,
  "message": "Invalid credentials"
}
Store the JWT token securely. Never expose it in client-side code or commit it to version control.

Logout

Invalidate the current user session and JWT token.

Authentication

Requires JWT authentication via Authorization: Bearer <token> header.

Headers

Authorization
string
required
Bearer token to invalidate
Authorization: Bearer <your_jwt_token>
Accept
string
required
Response content type
Accept: application/json
Origin
string
required
Request origin
Origin: https://pump.fun

Response

201
object
Successfully logged out

Example Usage

curl -X POST "https://frontend-api-v3.pump.fun/auth/logout" \
  -H "Authorization: Bearer <your_token>" \
  -H "Accept: application/json" \
  -H "Origin: https://pump.fun"

Best Practices

  • Always call the logout endpoint when the user explicitly logs out
  • Clear the JWT token from local storage after logout
  • Handle logout on token expiration
  • Implement automatic logout after a period of inactivity

Authentication Flow

  1. Request Message: Request a message to sign from the platform
  2. Sign Message: User signs the message with their wallet
  3. Login: Submit wallet address, signature, and message to /auth/login
  4. Receive Token: Store the JWT token securely
  5. Use Token: Include token in Authorization header for all API requests
  6. Logout: Call /auth/logout to invalidate the session

Build docs developers (and LLMs) love

Get started for freeTalk to us