Skip to main content
Privy offers low-level APIs you can use to interact with wallets and user objects directly. This means APIs to interface with the following resources:
  • Users: create user objects with appropriate linked accounts and pregenerate wallets for them.
  • Wallets: create, update and use wallets across blockchains.
  • Authorization keys: create and manage authorization keys to manage wallets.
  • Policies: create and manage policies tied to wallets.
Read more about direct API access below.

Base URL

All requests to the Privy API must be made to the following base URL: 
https://api.privy.io
HTTPS is required for all requests. HTTP requests will be rejected.

Authentication

All API endpoints require authentication using Basic Auth and a Privy App ID header. Include the following headers with every request:
Authorization
string
required
Basic Auth header with your app ID as the username and your app secret as the password.
privy-app-id
string
required
Your Privy app ID as a string.
Requests missing either of these headers will be rejected by Privy’s middleware.
Your Privy app ID and app secret can be found in the App settings > Basics tab for your app.

Examples

fetch('https://api.privy.io/v1/wallets', {
  method: 'GET',
  headers: {
    'Authorization': `Basic ${btoa('insert-your-app-id' + ':' + 'insert-your-app-secret')}`,
    'privy-app-id': 'insert-your-app-id',
    'Content-Type': 'application/json'
  }
})
.then(response => response.json())
.then(data => console.log(data));

Rate limits

Privy rate limits REST API endpoints to ensure fair usage and system stability. When you encounter a rate limit (HTTP 429 response), implement retry logic with exponential backoff to handle these gracefully.
Learn best practices for handling rate limits, including batching, caching, and retry strategies in our optimizing your setup guide.