# Retrieves the message that must be signed to view private domain profile data

Retrieve the message text that must be signed by the domain owner. The request URL and any request data must match exactly the data that will be used on the signature required endpoint.

Endpoint: GET /user/{domain}/signature
Version: 1.0.0

## Path parameters:

  - `domain` (string, required)
    The domain name to query profile data

## Query parameters:

  - `expiry` (number)
    Expiry time represented by milliseconds since epoch
    Example: 1765522015090

  - `device` (boolean)
    Indicates the user wishes to authorize and remember the device for profile management
    Example: true

## Response 200 fields (application/json):

  - `message` (string)
    The message that must be signed by the domain owner's private key to authenticate a subsequent request

  - `headers` (object)

  - `headers.x-auth-domain` (string)
    The domain that must be included in subsequent request header
    Example: "mydomain.tld"

  - `headers.x-auth-expires` (string)
    Expiration time that must be included in subsequent request header
    Example: "Milliseconds since epoch"


## Response 404 fields