Social identity -> Stellar key
Signer-proxy endpoint. The BFF (createSignerProxyRoute({ provider: 'web3auth', ... })) forwards this request to the facilitator’s /auth/social with the server-held API key injected. The facilitator verifies the provider identity token, derives or recovers the user’s Stellar key, and returns it.
Never call the facilitator’s /auth/social directly from the browser. Use the BFF route: the SDK’s @buckspay/signers/social posts to your same-origin BFF which proxies the call.
The request body is provider-specific (Web3Auth / web3auth verifier). The response publicKey is a Stellar G-address (ed25519 StrKey).
Authorizations
Server-held API key. Injected by the BFF (createRelayRoute / createSignerProxyRoute from @buckspay/nextjs). This key must only appear in server-side code and must never be shipped to a browser bundle.
Body
Provider-specific authentication payload. The BFF (createSignerProxyRoute) validates only that the body is a JSON object and proxies it transparently to the facilitator. Fields are provider-specific (social: idToken + verifier; email: email + code).
Response
Identity verified. Returns the derived Stellar public key.
Successful auth response. Mirrors the SDK AuthDetails type from @buckspay/core. The response is a transparent proxy of the facilitator's body.
Derived Stellar G-address for this identity. Stable across sessions for the same provider + user.
^G[A-Z2-7]{55}$Provider identifier (e.g. google, email).
Unix timestamp (seconds) after which the derived key session should be refreshed. Omitted if the provider does not issue expiring sessions.

