Skip to main content

Cosmos REST/gRPC API Overview

Updated on
Sep 05, 2025

With a QuickNode Cosmos endpoint, you can interact with Cosmos chains using either REST or gRPC. The REST API serves JSON over HTTP, making it easy to fetch balances, transactions, and other on-chain data with standard web tools. The gRPC API uses Protocol Buffers over HTTP/2, offering faster, strongly typed requests and streaming support for real-time data. Use REST for quick, human-readable integrations, and gRPC when you need high-performance backend services at scale.

Authentication Required for Cosmos gRPC

To ensure secure access to Cosmos gRPC, users are required to authenticate themselves. This authentication process is necessary before utilizing any method. QuickNode endpoints consist of two crucial components: the endpoint name and the corresponding token. Users will need to use these two components to configure a gRPC client with authentication credentials before they make any method calls.

Authentication for the Cosmos gRPC can be handled in two ways:

  1. Basic Authentication
  2. x-token Authentication

Throughout this documentation, we will call either the getClientWithBasicAuth or getClientWithXToken functions to demonstrate how to handle these different authentication mechanisms.

Basic Authentication

The getClientWithBasicAuth function demonstrates how to handle authentication using Basic Authentication, which encodes the credentials as base64. Below is the code implementation of the getClientWithBasicAuth function as well as the basicAuth implementation of RPC credentials:

import (
	"context"
	"crypto/tls"
	"encoding/base64"
	"fmt"
	"google.golang.org/grpc"
	"google.golang.org/grpc/credentials"
)

func getClientWithBasicAuth(endpoint, token string) (*grpc.ClientConn, error) {
	target := endpoint + ".cosmos-mainnet.quiknode.pro:9090" // for TLS connections
	conn, err := grpc.Dial(target,
		grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{})),
		grpc.WithPerRPCCredentials(basicAuth{
			username: endpoint,
			password: token,
		}),
	)
	if err != nil {
		return nil, fmt.Errorf("Unable to dial endpoint %w", err)
	}
	return conn, nil
}

// basicAuth implements the credentials.PerRPCCredentials interface to support basic authentication for grpc requests.
type basicAuth struct {
	username string
	password string
}

func (b basicAuth) GetRequestMetadata(ctx context.Context, in ...string) (map[string]string, error) {
	auth := b.username + ":" + b.password
	enc := base64.StdEncoding.EncodeToString([]byte(auth))
	return map[string]string{"authorization": "Basic " + enc}, nil
}

func (basicAuth) RequireTransportSecurity() bool {
	return false
}

The getClientWithBasicAuth function configures a gRPC client with the necessary security options and establishes a connection to the specified endpoint on port 9090. It takes the endpoint name and token as input parameters and returns a gRPC client connection, which you can use to make authenticated API calls.

conn, err := getClientWithBasicAuth("ENDPOINT_NAME", "TOKEN")
if err != nil {
	log.Fatalf("err: %v", err)
}
defer conn.Close()

x-token Authentication

The getClientWithXToken function demonstrates how to handle authentication using an x-token. This method attaches the token to the x-token header of each request.


import (
    "context"
    "crypto/tls"
    "fmt"
    "google.golang.org/grpc"
    "google.golang.org/grpc/credentials"
)

func getClientWithXToken(endpoint, token string) (*grpc.ClientConn, error) {
    target := endpoint + ".cosmos-mainnet.quiknode.pro:9090" // for TLS connections
    conn, err := grpc.Dial(target,
        grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{})),
        grpc.WithPerRPCCredentials(auth{
            token: token,
        }),
    )
    if err != nil {
        return nil, fmt.Errorf("Unable to dial endpoint %w", err)
    }
    return conn, nil
}

// auth implements the credentials.PerRPCCredentials interface to support x-token authentication for grpc requests.
type auth struct {
    token string
}

func (a *auth) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error) {
    return map[string]string{
        "x-token": a.token,
    }, nil
}

func (auth) RequireTransportSecurity() bool {
    return false
}

This method configures a gRPC client similarly to the basic authentication example, but it attaches the authentication token in the x-token header. Here's how you can use this function to make API calls:


conn, err := getClientWithXToken("ENDPOINT_NAME", "TOKEN")
if err != nil {
    log.Fatalf("err: %v", err)
}
defer conn.Close()

We ❤️ Feedback!

If you have any feedback or questions about this documentation, let us know. We'd love to hear from you!

Last updated on
Share this doc