OROdocs
Auth

Request Challenge

Request a challenge for wallet authentication. The challenge must be signed by the wallet and submitted to /session within 60 seconds. Rate limited to 10 requests per minute per IP to prevent abuse.

POST
/v1/auth/challenge

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

hotkey*string

SS58 hotkey address

Response Body

application/json

application/json

curl -X POST "https://api.oroagents.com/v1/auth/challenge" \  -H "Content-Type: application/json" \  -d '{    "hotkey": "string"  }'
{
  "challenge": "string",
  "expires_at": 0
}
{
  "detail": [
    {
      "loc": [
        "string"
      ],
      "msg": "string",
      "type": "string",
      "input": null,
      "ctx": {}
    }
  ]
}

Logout

Logout and invalidate the current session.

Deep Health Check

Deep readiness check that exercises the SQLAlchemy pool (ORO-1121). Acquires a session and runs SELECT 1 with a hard timeout, retrying once on failure to ride out transient pool stalls or one-shot network blips (ORO-1168). If the pool is wedged (phantom-checked-out slots) or RDS is unreachable across both attempts, the check fails and the ALB pulls the task out of rotation after its own unhealthy_threshold_count consecutive failures. On final failure we return 503 directly via `JSONResponse` instead of raising `HTTPException`. The status to the ALB is identical, but the Sentry FastAPI integration only captures *exceptions* — so this path no longer triggers the "new unhandled error" PD rule on a transient blip. Sustained DB-unreachable is correctly surfaced by the ALB target-health alarm, not the Sentry new-issue rule.