curl --request POST \
--url https://api.privy.io/v1/policies \
--header 'Authorization: Basic <encoded-value>' \
--header 'Content-Type: application/json' \
--header 'privy-app-id: <privy-app-id>' \
--data '{
"version": "1.0",
"name": "<string>",
"chain_type": "ethereum",
"rules": [
{
"name": "<string>",
"method": "eth_sendTransaction",
"conditions": [
{
"field_source": "ethereum_transaction",
"field": "to",
"operator": "eq",
"value": "<string>"
}
],
"action": "ALLOW"
}
],
"owner": {
"public_key": "<string>"
},
"owner_id": "<string>"
}'
{
"id": "tb54eps4z44ed0jepousxi4n",
"name": "Allowlisted stablecoins",
"chain_type": "ethereum",
"rules": [
{
"name": "Allowlist USDC contract on Base",
"method": "eth_sendTransaction",
"conditions": [
{
"field_source": "ethereum_transaction",
"field": "to",
"operator": "eq",
"value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
}
],
"action": "ALLOW"
}
],
"owner_id": null,
"version": "1.0",
"created_at": 1741833088894
}
Create a new policy.
curl --request POST \
--url https://api.privy.io/v1/policies \
--header 'Authorization: Basic <encoded-value>' \
--header 'Content-Type: application/json' \
--header 'privy-app-id: <privy-app-id>' \
--data '{
"version": "1.0",
"name": "<string>",
"chain_type": "ethereum",
"rules": [
{
"name": "<string>",
"method": "eth_sendTransaction",
"conditions": [
{
"field_source": "ethereum_transaction",
"field": "to",
"operator": "eq",
"value": "<string>"
}
],
"action": "ALLOW"
}
],
"owner": {
"public_key": "<string>"
},
"owner_id": "<string>"
}'
{
"id": "tb54eps4z44ed0jepousxi4n",
"name": "Allowlisted stablecoins",
"chain_type": "ethereum",
"rules": [
{
"name": "Allowlist USDC contract on Base",
"method": "eth_sendTransaction",
"conditions": [
{
"field_source": "ethereum_transaction",
"field": "to",
"operator": "eq",
"value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
}
],
"action": "ALLOW"
}
],
"owner_id": null,
"version": "1.0",
"created_at": 1741833088894
}
Basic Auth header with your app ID as the username and your app secret as the password.
ID of your Privy app.
Request authorization signature. If multiple signatures are required, they should be comma separated.
Created policy object.
The response is of type object
.