원클릭으로
account-authentication
Account signup, login via email/OTP/wallet/biometric, token refresh, password reset, and session management.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Account signup, login via email/OTP/wallet/biometric, token refresh, password reset, and session management.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
| name | Account & Authentication |
| description | Account signup, login via email/OTP/wallet/biometric, token refresh, password reset, and session management. |
| version | 1.0.0 |
| metadata | {"openclaw":{"requires":{"env":["AIOT_API_BASE_URL"]},"primaryEnv":"AIOT_API_BASE_URL"}} |
Use this skill when the user needs to sign up, log in, manage sessions, reset their password, or link a Web3 wallet.
The default API base URL is https://payment-api-dev.aiotnetwork.io. All endpoints are relative to this URL.
To override (e.g. for local development):
export AIOT_API_BASE_URL="http://localhost:8080"
If AIOT_API_BASE_URL is not set, use https://payment-api-dev.aiotnetwork.io as the base for all requests.
send_otp — Send a one-time password to an email address | POST /api/v1/auth/otp/sendverify_otp — Verify an OTP code and receive a verification token | POST /api/v1/auth/otp/verifyotp_rate_limit_status — Check OTP rate limit status for the current session | GET /api/v1/auth/otp/statussignup — Create a new account with email, password, and OTP verification token | POST /api/v1/auth/signuplogin — Login with email and password | POST /api/v1/auth/loginlogin_with_wallet — Login by signing a nonce with a Web3 wallet | POST /api/v1/auth/walletget_wallet_nonce — Get a nonce for wallet-based login | GET /api/v1/auth/wallet/noncebiometric_login — Login using biometric credentials | POST /api/v1/auth/biometricrefresh_token — Refresh an expired access token using a refresh token | POST /api/v1/auth/refreshreset_password — Reset account password using OTP verification | POST /api/v1/auth/reset-passwordunlock_account — Unlock a locked account | POST /api/v1/auth/unlockget_account — Get current account information | GET /api/v1/account | Requires authupdate_password — Change account password | PUT /api/v1/account/password | Requires authlink_wallet — Link a Web3 wallet to the account | PUT /api/v1/account/wallet | Requires authunlink_wallet — Remove a linked Web3 wallet | DELETE /api/v1/account/wallet | Requires authlogout — Logout current session | POST /api/v1/account/logout | Requires authlogout_all — Logout from all sessions | POST /api/v1/account/logout-all | Requires authCreate a new account via email and OTP
Authenticate and receive access/refresh tokens
Follow these instructions when executing this skill:
Always follow the documented flow order. Do not skip steps.
If a tool requires authentication, verify the session has a valid bearer token before calling it.
If a tool requires a transaction PIN, ask the user for it fresh each time. Never cache or log PINs.
Never expose, log, or persist secrets (passwords, tokens, full card numbers, CVVs).
If the user requests an operation outside this skill's scope, decline and suggest the appropriate skill.
If a step fails, check the error and follow the recovery guidance below before retrying.
To sign up a new user: first call send_otp with type "registration", then verify_otp with type "registration", then signup. Never skip OTP verification.
Valid OTP types: "registration" (signup), "forget_password", "account_unlock", "pin_setup", "pin_reset". Always use the correct type for the operation.
To reset a password: first call send_otp with type "forget_password", then verify_otp, then reset_password with the verification token.
All authenticated endpoints require a bearer token obtained from login or login_with_wallet.
When the access token expires (1 hour TTL), call refresh_token with the refresh token. Do not ask the user to log in again.
Never log, store, or repeat the user's password back to them.
If login fails 5 times consecutively, the account locks. To unlock: call send_otp with type "account_unlock", then verify_otp, then unlock_account with the verification token.
Meta-skill that indexes all AIOT platform skills and routes agent requests to the correct sub-skill.
Merchant registration, login, OTP verification, token refresh, and session management for the x402 payment protocol.
x402 payment protocol proxy — create orders, request payment parameters, verify signatures, settle on-chain, and query facilitator capabilities.
Create and manage x402 merchant products, rotate API keys, view payment dashboards, and list settlement history.
Know-Your-Customer verification via MasterPay Global. Submit personal data, upload identity documents, and track approval status.
Decentralized identity (DID) management, on-chain KYC status, and membership tiers with token staking.