> ## Documentation Index
> Fetch the complete documentation index at: https://docs.privy.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Add to allowlist

> Add a new entry to the allowlist for an app. The allowlist must be enabled.

### SDK methods

Learn more about managing your allowlist using our SDKs [here](/user-management/users/managing-users/allowlist#adding-to-the-allow-list).


## OpenAPI

````yaml post /v1/apps/{app_id}/allowlist
openapi: 3.1.0
info:
  version: 0.0.1
  title: Privy API
  description: >-
    REST API for Privy's wallet infrastructure — provision and manage wallets
    across EVM, Solana, and Bitcoin, authenticate users, sign transactions, and
    configure programmable policies and authorization intents.
  contact:
    name: Privy
    url: https://www.privy.io/
    email: support@privy.io
servers:
  - url: https://api.privy.io
security: []
tags:
  - name: Accounts
    description: Operations related to asset accounts
  - name: Aggregations
    description: Operations related to aggregations for tracking and measuring metrics
  - name: Apps
    description: Operations related to app settings and allowlist management
  - name: Client Auth
    description: OAuth token exchange and device authorization operations
  - name: Condition Sets
    description: Operations related to condition sets
  - name: Embedded wallets
    description: Operations related to embedded wallet creation and authentication
  - name: Fiat
    description: Operations related to fiat onramping and offramping
  - name: Intents
    description: Operations related to authorization intents for wallet actions
  - name: Key quorums
    description: Operations related to key quorums
  - name: Kraken Embed
    description: >-
      Operations for Kraken Embed integration, including quotes, trades, user
      management, and portfolio operations
  - name: OAuth
    description: >-
      OAuth 2.0 endpoints including Device Authorization Grant (RFC 8628) for
      CLI and limited-input device login flows
  - name: Organizations
    description: Operations related to organization secret management
  - name: Policies
    description: Operations related to policies
  - name: Shared
    description: Common schemas shared across resources
  - name: Swaps
    description: Operations for swapping tokens within wallets
  - name: Transactions
    description: Operations related to transactions
  - name: User signers
    description: Operations related to user signers
  - name: Users
    description: Operations related to users
  - name: Wallet Actions
    description: Operations related to wallet actions
  - name: Wallets
    description: Operations related to wallets
  - name: Webhooks
    description: >-
      Webhook events that Privy sends to your configured endpoint when specific
      actions occur in your app
  - name: Yield
    description: >-
      Operations for depositing and withdrawing funds from ERC-4626 yield vaults
      (Morpho, Aave)
paths:
  /v1/apps/{app_id}/allowlist:
    post:
      tags:
        - Apps
      summary: Add to allowlist
      description: >-
        Add a new entry to the allowlist for an app. The allowlist must be
        enabled.
      operationId: createAllowlistEntry
      parameters:
        - schema:
            type: string
            description: The ID of the app.
          required: true
          name: app_id
          in: path
        - schema:
            type: string
            description: ID of your Privy app.
          required: true
          name: privy-app-id
          in: header
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserInviteInput'
            example:
              type: email
              value: batman@privy.io
      responses:
        '200':
          description: The created allowlist entry.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AllowlistEntry'
              example:
                id: abc123
                type: email
                value: batman@privy.io
                appId: clxyz456
                acceptedAt: null
      security:
        - appSecretAuth: []
components:
  schemas:
    UserInviteInput:
      oneOf:
        - $ref: '#/components/schemas/EmailInviteInput'
        - $ref: '#/components/schemas/EmailDomainInviteInput'
        - $ref: '#/components/schemas/WalletInviteInput'
        - $ref: '#/components/schemas/PhoneInviteInput'
      discriminator:
        propertyName: type
        mapping:
          email:
            $ref: '#/components/schemas/EmailInviteInput'
          emailDomain:
            $ref: '#/components/schemas/EmailDomainInviteInput'
          wallet:
            $ref: '#/components/schemas/WalletInviteInput'
          phone:
            $ref: '#/components/schemas/PhoneInviteInput'
      description: Input for adding or removing an allowlist entry. Discriminated by type.
      title: UserInviteInput
      x-stainless-model: apps.user_invite_input
    AllowlistEntry:
      type: object
      properties:
        id:
          type: string
        type:
          type: string
        value:
          type: string
        appId:
          type: string
        acceptedAt:
          type:
            - number
            - 'null'
      required:
        - id
        - type
        - value
        - appId
        - acceptedAt
      description: An allowlist entry for an app.
      title: AllowlistEntry
      x-stainless-model: apps.allowlist_entry
    EmailInviteInput:
      type: object
      properties:
        type:
          type: string
          enum:
            - email
        value:
          type: string
          format: email
      required:
        - type
        - value
      additionalProperties: false
      description: Allowlist invite input for an email address.
      title: EmailInviteInput
      x-stainless-model: apps.email_invite_input
    EmailDomainInviteInput:
      type: object
      properties:
        type:
          type: string
          enum:
            - emailDomain
        value:
          $ref: '#/components/schemas/EmailDomain'
      required:
        - type
        - value
      additionalProperties: false
      description: Allowlist invite input for an email domain.
      title: EmailDomainInviteInput
      x-stainless-model: apps.email_domain_invite_input
    WalletInviteInput:
      type: object
      properties:
        type:
          type: string
          enum:
            - wallet
        value:
          anyOf:
            - type: string
            - type: string
      required:
        - type
        - value
      additionalProperties: false
      description: Allowlist invite input for a wallet address.
      title: WalletInviteInput
      x-stainless-model: apps.wallet_invite_input
    PhoneInviteInput:
      type: object
      properties:
        type:
          type: string
          enum:
            - phone
        value:
          type: string
      required:
        - type
        - value
      additionalProperties: false
      description: Allowlist invite input for a phone number.
      title: PhoneInviteInput
      x-stainless-model: apps.phone_invite_input
    EmailDomain:
      type: string
      description: An email domain.
      title: EmailDomain
      x-stainless-model: apps.email_domain
  securitySchemes:
    appSecretAuth:
      type: http
      scheme: basic
      description: >-
        Basic Auth header with your app ID as the username and your app secret
        as the password.

````