> ## Documentation Index
> Fetch the complete documentation index at: https://docs.privy.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Getting started with the Privy REST API

Privy offers low-level APIs you can use to interact with wallets and user objects directly. This means APIs to interface with the following resources:

* **Users**: create user objects with appropriate linked accounts and pregenerate wallets for them.
* **Wallets**: create, update and use wallets across blockchains.
* **Authorization keys**: create and manage authorization keys to manage wallets.
* **Policies**: create and manage policies tied to wallets.
* **Webhooks**: subscribe to Privy webhooks and react to events in your app.

Read more about direct API access below.

For experimental APIs that are part of Privy's supported Labs program, see [Privy Labs
APIs](/api-reference/labs/overview).

## Base URL

All requests to the Privy API must be made to the following base URL:

```
https://api.privy.io
```

HTTPS is required for all requests. HTTP requests will be rejected.

## Authentication

All API endpoints require authentication using Basic Auth and a Privy App ID header. Include the following headers with every request:

<ParamField header="Authorization" type="string" example="Basic ouihv9248hosd9020oihj0v10d=" required>
  Basic Auth header with your app ID as the username and your app secret as the password.
</ParamField>

<ParamField header="privy-app-id" type="string" example="cla06f34x0001mh08l8nsr496" required>
  Your Privy app ID as a string.
</ParamField>

Requests missing either of these headers will be rejected by Privy's middleware.

<Info>
  Your Privy app ID and app secret can be found in the [**App settings** >
  **Basics**](https://dashboard.privy.io/apps?page=settings\&tab=basics) tab for your app.
</Info>

## Examples

<Tabs>
  <Tab title="JavaScript">
    ```javascript theme={"system"}
    fetch('https://api.privy.io/v1/wallets', {
      method: 'GET',
      headers: {
        'Authorization': `Basic ${btoa('insert-your-app-id' + ':' + 'insert-your-app-secret')}`,
        'privy-app-id': 'insert-your-app-id',
        'Content-Type': 'application/json'
      }
    })
    .then(response => response.json())
    .then(data => console.log(data));
    ```
  </Tab>

  <Tab title="cURL">
    ```bash theme={"system"}
    curl -X GET "https://api.privy.io/v1/wallets" \
      --user "insert-your-app-id:insert-your-app-secret" \
      -H "privy-app-id: insert-your-app-id" \
      -H "Content-Type: application/json"
    ```
  </Tab>
</Tabs>

## Rate limits

Privy rate limits REST API endpoints to ensure fair usage and system stability. When you encounter a rate limit (HTTP 429 response), implement retry logic with exponential backoff to handle these gracefully.

<Tip>
  Learn best practices for handling rate limits, including batching, caching, and retry strategies
  in our [optimizing your setup](/recipes/dashboard/optimizing#handling-rate-limits) guide.
</Tip>
