Noas · Nostr Account Service · v—

Simple account storage for Nostr identities.

Noas is primarily an API that stores NIP-49 encrypted keys, relay lists, and profile images. Keep your private key safe and encrypted, retrieve it when you need it, and manage your account in one place.

API status Account portal Endpoints

Important: Save your private key somewhere safe. Noas only stores your encrypted key and cannot recover a lost private key.

Create New Account

Username (3-32 chars, lowercase + dash/underscore/dot) Choose any available username for your NIP-05 identity Email Used for account and verification emails. Password (minimum 8 characters) Confirm Password Redirect URL (optional) Passed through verification link as redirect= Public Key (optional) Leave blank to auto-generate a Nostr keypair. Encrypted Private Key (optional) Provide together with Public Key, or leave both blank for auto-generation. Profile Picture (optional) Attach an image (JPG, PNG, GIF, or WebP) up to 2MB during registration.

Next Step

Open your verification email and continue at /verify?token=....

Account Portal

Register

Create account and send verification email.

POST /api/v1/auth/register

Verify (GET/POST)

Preview token and verify using password hash. Verify responses include relay_allow summary for NIP-86 allowpubkey relay sync.

GET /api/v1/auth/verify POST /api/v1/auth/verify

Resend

Resend verification link; UI clients apply cooldown locally.

POST /api/v1/auth/resend

Sign in

Authenticate with your password hash and retrieve your encrypted key.

POST /api/v1/auth/signin

Update

Rotate password, pubkey, and encrypted key together, or update relays separately.

POST /api/v1/auth/update

Delete

Remove your account after confirmation.

POST /api/v1/auth/delete

Profile Picture

Set a profile image during registration or account update, then fetch it by pubkey or username with Last-Modified caching.

POST /api/v1/auth/register (optional picture fields) POST /api/v1/auth/update (updates.profile_picture_*) GET /api/v1/picture/:pubkey GET /api/v1/picture/:name

NIP-05

Verify usernames with standard NIP-05 lookups.

GET /.well-known/nostr.json

Health

Check service status.

GET /api/v1/health

NIP-46

Remote signer discovery, connection bootstrap, and encrypted request handling for active accounts.

GET /api/v1/nip46/info GET /api/v1/nip46/connect/:username POST /api/v1/nip46/request POST /api/v1/nip46/nostrconnect

Example

Registration payload (auto-generate keypair):

{
  "username": "alice",
  "password": "securepassword123",
  "redirect": "https://nodex.example.com"
}

Registration payload (client-provided keypair):

{
  "username": "alice",
  "password_hash": "sha256_hex_of_password",
  "public_key": "64-char hex pubkey",
  "private_key_encrypted": "ncryptsec1...",
  "redirect": "https://nodex.example.com"
}

NIP-86 note: when NIP86_RELAY_URLS is configured, verification triggers relay JSON-RPC allowpubkey calls for the verified pubkey.

NIP-46 note: remote signing only works for accounts created through signup with a raw password that Noas stored for later key unlock.