The Sample App uses Next.js API routes combined with Environment Variables located on the server in order to securely access the Asset Layer API.

Caution: Your ASSETLAYER_APP_SECRET should never be configured on the client and exposed in the browser.

About Next.js API Routes

Next.js has a page-based routing system, and an API route feature which allows you to create APIs endpoints in a pages directory as though you're writing backend code. Next.js API Routes let you combine backend code along with your frontend code, thereby eliminating the need for extra codebases.

If you are not using Next.js for your project, then you'll need to pass API requests to Asset Layer through a proxy server that will validate requests and append your ASSETLAYER_APP_SECRET.

Any file inside the folder pages/api is mapped to /api/* and will be treated as an API endpoint instead of a page. They are server-side only bundles and won't increase your client-side bundle size. All of the Asset Layer API endpoints are represented in pages/api for your convenience, and are organized in the following directories:

• app

• asset

• auth

• collection

• expression

• handcash

• slot

• user

Example with Axios

For API requests that only require your app secret, you can call the API endpoint using a library like axios.

const getSlot = async (slotId)=>{ 
  const slotsObject = (await axios.post('/api/slot/info', { slotId }));
  return slotsObject.data.body.slot;
}

Example with Asset Layer SDK

For API requests that require a DID token, we recommend using the Asset Layer SDK which is installed as part of the setup process.

const collectionsObject = await assetlayerClient.collections.safe.getCollections({collectionIds: collections, idOnly: false });