POST
/
v1
/
policies
Create Policy
curl --request POST \
  --url https://api.privy.io/v1/policies \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --header 'privy-app-id: <privy-app-id>' \
  --data '{
  "version": "1.0",
  "name": "<string>",
  "chain_type": "ethereum",
  "rules": [
    {
      "name": "<string>",
      "method": "eth_sendTransaction",
      "conditions": [
        {
          "field_source": "ethereum_transaction",
          "field": "to",
          "operator": "eq",
          "value": "<string>"
        }
      ],
      "action": "ALLOW"
    }
  ],
  "owner": {
    "public_key": "<string>"
  },
  "owner_id": "<string>"
}'
{
  "id": "tb54eps4z44ed0jepousxi4n",
  "name": "Allowlisted stablecoins",
  "chain_type": "ethereum",
  "rules": [
    {
      "name": "Allowlist USDC contract on Base",
      "method": "eth_sendTransaction",
      "conditions": [
        {
          "field_source": "ethereum_transaction",
          "field": "to",
          "operator": "eq",
          "value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
        }
      ],
      "action": "ALLOW"
    }
  ],
  "owner_id": null,
  "version": "1.0",
  "created_at": 1741833088894
}

Authorizations

Authorization
string
header
required

Basic Auth header with your app ID as the username and your app secret as the password.

Headers

privy-app-id
string
required

ID of your Privy app.

privy-idempotency-key
string

Idempotency keys ensure API requests are executed only once within a 24-hour window.

Body

application/json

Response

200 - application/json

Created policy object.

The response is of type object.