Securing Privy API requests with authorization signatures
owner_id
field, which indicates the authorization key or quorum whose signatures are required in order to modify the given resource.
This means, if the owner_id
is set, authorization signatures are required for all PATCH
and DELETE
requests to the resource. This includes:
PATCH /v1/wallets/[wallet_id]
DELETE /v1/wallets/[wallet_id]
PATCH /v1/policies/[policy_id]
DELETE /v1/policies/[policy_id]
owner_id
is set, authorization signatures are required for:
POST /v1/wallets/<wallet_id>/rpc
POST /v1/wallets/[wallet_id]/rpc
PATCH /v1/key_quorums/[key_quorum_id]
DELETE /v1/key_quorum/[key_quorum_id]
owner_id
is set, authorization signatures are required for:
Get your private keys
Construct your request
Sign the request
Include the signature as a request header
privy-authorization-signature
header.