Anonymous Signup
Some products need users authenticated before asking for personal details. Crypto wallets, gaming, and marketplace apps benefit from letting users register with just a passkey — no email, no external ID. TryMellon supports this via anonymous signup: create a passkey-backed user instantly, then optionally link an email or wallet address later.
How it works
When you call signUp without an externalUserId, the backend creates an anonymous user with isAnonymous: true. The user gets a valid session token immediately. You can link an email or wallet at any point after signup — the user keeps the same userId and credentials.
Anonymous users behave identically to named users for authentication, action signing, and session binding. The only difference is the absence of a linked identifier until one is explicitly added.
SDK usage
const client = TryMellon.create({ applicationId: 'your-app-id' }).value;
// Anonymous signup — no external ID needed
const result = await client.signUp({});
// result.value.sessionToken — user is authenticated
// result.value.userId — anonymous user IDThe response shape is the same as a named signup. result.value.user.externalUserId will be null until you link an identifier.
Link an email later
Once the user is ready to provide an email (e.g. before checkout, or to enable recovery), use the identity linking flow:
const challenge = await client.identity.link(userId, { email: '[email protected]' });
// OTP sent to email
const verified = await client.identity.verify(userId, { otp: '123456' });After verification, the user is no longer anonymous. The linked email appears in session tokens and webhook payloads.
Link a wallet
Wallet linking uses the SIWE verification flow. After a successful SIWE signature, the wallet address is linked as an identifier. See SIWE Login (EIP-4361) for the full flow.
Recovery
Anonymous users without a linked email or wallet have no recovery path. If the user loses their device, the passkey is gone and the account is unrecoverable. This is by design (ADR-026, ADR-039) — if your product requires recovery, prompt the user to link an email before they leave the onboarding flow.
API reference
| Endpoint | Method | Description |
|---|---|---|
/v1/passkeys/register/start | POST | Start registration. external_user_id is optional — omit for anonymous. |
/v1/users/:id/identifiers | POST | Link an email or wallet to an existing user. Sends OTP for email. |
/v1/users/:id/identifiers/verify | POST | Verify the OTP and finalize the link. |
/v1/users/:id/identifiers/:identifier_id | DELETE | Remove a linked identifier. |