Skip to main content

Authentication

All endpoints require the following headers unless otherwise noted:
Authorization
string
required
Bearer token (JWT) for end-user authentication. Format: Bearer YOUR_JWT_TOKEN
X-MAGIC-SECRET-KEY
string
required
Your Magic secret key for application-level authentication.

Sign Data

Sign data with the authenticated user’s Magic wallet.
cURL
curl -X POST 'https://uoa-server.magic.xyz/wallet/sign' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer USER_JWT_TOKEN' \
  -H 'X-MAGIC-SECRET-KEY: YOUR_MAGIC_SECRET_KEY' \
  -d '{
    "message": "Hello, world!"
  }'
Response: 
{
  "success": true,
  "signature": "0xabcdef1234567890...",
  "raw_data_hash": "0x1234567890abcdef...",
  "app_user_id": "user-123"
}

Request Parameters

raw_data_hash
string
A 0x-prefixed hex hash to sign directly. Provide either this or message.
message
string
A plain text message to hash (keccak256) and sign. Provide either this or raw_data_hash.
You must provide exactly one of raw_data_hash or message. Providing both or neither will return an error.

Response Fields

success
boolean
Whether the signing operation completed successfully.
signature
string
The hex-encoded signature.
raw_data_hash
string
The hash that was signed.
app_user_id
string
The user identifier from your application.

Withdraw to External Address

Send funds from the authenticated user’s Magic wallet to an external address.
cURL
curl -X POST 'https://uoa-server.magic.xyz/withdraw' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer USER_JWT_TOKEN' \
  -H 'X-MAGIC-SECRET-KEY: YOUR_MAGIC_SECRET_KEY' \
  -d '{
    "to_address": "0xRecipientAddress...",
    "amount": "50",
    "token": "USDC",
    "chain": "ARB"
  }'
Response: 
{
  "success": true,
  "tx_hash": "0xabcdef1234567890...",
  "from_address": "0x1234...5678",
  "to_address": "0xRecipientAddress...",
  "amount": "50",
  "token": "USDC",
  "chain": "ARB",
  "message": "Withdrawal completed"
}

Request Parameters

to_address
string
required
The recipient wallet address.
amount
string
required
The amount to withdraw as a decimal string.
token
string
default:"USDC"
The token to withdraw. Values: ETH, WETH, USDC, USDC.E, POL, SOL
chain
string
default:"ARB"
The chain to withdraw on. Values: ETH, ARB, POL, SOL, STRK, INK

Supported Token/Chain Combinations

ChainSupported Tokens
ETHETH, WETH, USDC, USDC.E
ARBETH, WETH, USDC, USDC.E
POLPOL, USDC, USDC.E
SOLSOL, USDC
STRKETH, USDC
INKETH, WETH, USDC

Response Fields

success
boolean
Whether the withdrawal was executed successfully.
tx_hash
string
The on-chain transaction hash.
from_address
string
The sender’s wallet address.
to_address
string
The recipient’s wallet address.
amount
string
The amount withdrawn.
token
string
The token that was withdrawn.
chain
string
The chain the withdrawal was executed on.
message
string
Human-readable status message.