跳至主要內容

Flow REST/gRPC API Overview

更新於
Nov 21, 2025

Authentication Required for Flow gRPC (Access API)

To ensure secure access to Flow gRPC (Access API), users are required to authenticate themselves. This authentication process is necessary before utilizing any method. Quicknode endpoints consist of two crucial components: the endpoint name and the corresponding 代幣. Users will need to use these two components to configure a gRPC client with authentication credentials before they make any method calls.

Authentication for the Flow gRPC (Access API) can be handled in two ways:


  1. Basic Authentication
  2. x-token Authentication

Throughout this documentation, we will call either the getAccessClientWithBasicAuthgetAccessClientWithXToken functions to demonstrate how to handle these different authentication mechanisms.

Basic Authentication

getAccessClientWithBasicAuth function demonstrates how to handle authentication using Basic Authentication, which encodes the credentials as base64. Below is the code implementation of the getAccessClientWithBasicAuth function as well as the basicAuth implementation of RPC credentials:

import (
"context"
"crypto/tls"
"encoding/base64"
"fmt"
"github.com/onflow/flow/protobuf/go/flow/access"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
)

func getAccessClientWithBasicAuth(endpoint, token string) (access.AccessAPIClient, error) {
target := endpoint + ".flow-mainnet.quiknode.pro:8999" // for TLS connections
client, err := grpc.Dial(target,
grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{})),
grpc.WithPerRPCCredentials(basicAuth{
username: endpoint,
password: token,
}),
)
if err != nil {
return nil, fmt.Errorf("Unable to dial endpoint %w", err)
}
return access.NewAccessAPIClient(client), nil
}

// basicAuth implements the credentials.PerRPCCredentials interface to support basic authentication for grpc requests.
type basicAuth struct {
username string
password string
}

func (b basicAuth) GetRequestMetadata(ctx context.Context, in ...string) (map[string]string, error) {
auth := b.username + ":" + b.password
enc := base64.StdEncoding.EncodeToString([]byte(auth))
return map[string]string{"authorization": "Basic " + enc}, nil
}

func (basicAuth) RequireTransportSecurity() bool {
return false
}

getAccessClientWithBasicAuth function configures a gRPC client with the necessary security options and establishes a connection to the specified endpoint on port 8999. It takes the endpoint name and token as input parameters and returns an instance of the AccessAPIClient interface, which you can use to make authenticated API calls.

client, err := getAccessClientWithBasicAuth("ENDPOINT_NAME", "TOKEN")
if err != nil {
log.Fatalf("err: %v", err)
}

x-token Authentication

getAccessClientWithXToken function demonstrates how to handle authentication using an x-token. This method attaches the token to the x-token header of each request.


import (
"context"
"crypto/tls"
"fmt"
"github.com/onflow/flow/protobuf/go/flow/access"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
)

func getAccessClientWithXToken(endpoint, token string) (access.AccessAPIClient, error) {
target := endpoint + ".flow-mainnet.quiknode.pro:8999" // for TLS connections
client, err := grpc.Dial(target,
grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{})),
grpc.WithPerRPCCredentials(auth{
token: token,
}),
)
if err != nil {
return nil, fmt.Errorf("Unable to dial endpoint %w", err)
}
return access.NewAccessAPIClient(client), nil
}

// auth implements the credentials.PerRPCCredentials interface to support x-token authentication for grpc requests.
type auth struct {
token string
}

func (a *auth) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error) {
return map[string]string{
"x-token": a.token,
}, nil
}

func (auth) RequireTransportSecurity() bool {
return false
}

This method configures a gRPC client similarly to the basic authentication example, but it attaches the authentication token in the x-token header. Here's how you can use this function to make API calls:


client, err := getAccessClientWithXToken("ENDPOINT_NAME", "TOKEN")
if err != nil {
log.Fatalf("err: %v", err)
}

我們 ❤️ 您的回饋!

如果您對這份文件有任何意見或疑問,請告訴我們。我們非常樂意聽取您的意見!

分享這份文件