Skip to main content
POST
/
v1
/
policies
Create Policy
curl --request POST \
  --url https://api.privy.io/v1/policies \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --header 'privy-app-id: <privy-app-id>' \
  --data '
{
  "version": "1.0",
  "name": "<string>",
  "chain_type": "ethereum",
  "rules": [
    {
      "name": "<string>",
      "method": "eth_sendTransaction",
      "conditions": [
        {
          "field_source": "ethereum_transaction",
          "field": "to",
          "operator": "eq",
          "value": "<string>"
        }
      ],
      "action": "ALLOW"
    }
  ],
  "owner": {
    "public_key": "<string>"
  },
  "owner_id": "<string>"
}
'
{
  "id": "tb54eps4z44ed0jepousxi4n",
  "name": "Allowlisted stablecoins",
  "chain_type": "ethereum",
  "rules": [
    {
      "id": "bdyfoa65pro1eez6iwtzanol",
      "name": "Allowlist USDC contract on Base",
      "method": "eth_sendTransaction",
      "conditions": [
        {
          "field_source": "ethereum_transaction",
          "field": "to",
          "operator": "eq",
          "value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
        }
      ],
      "action": "ALLOW"
    }
  ],
  "owner_id": null,
  "version": "1.0",
  "created_at": 1741833088894
}

SDK methods

Learn more about creating policies using our SDKs here.

Authorizations

Authorization
string
header
required

Basic Auth header with your app ID as the username and your app secret as the password.

Headers

privy-app-id
string
required

ID of your Privy app.

privy-idempotency-key
string

Idempotency keys ensure API requests are executed only once within a 24-hour window.

Body

application/json
version
enum<string>
required

Version of the policy. Currently, 1.0 is the only version.

Available options:
1.0
name
string
required

Name to assign to policy.

Required string length: 1 - 50
chain_type
enum<string>
required

The chain type the policy applies to.

Available options:
ethereum,
solana,
tron,
sui
rules
PolicyRuleRequestBody · object[]
required
owner

The owner of the resource. If you provide this, do not specify an owner_id as it will be generated automatically. When updating a wallet, you can set the owner to null to remove the owner.

owner_id
string

The key quorum ID to set as the owner of the resource. If you provide this, do not specify an owner.

Response

200 - application/json

Created policy object.

A policy for controlling wallet operations.

version
enum<string>
required

Version of the policy. Currently, 1.0 is the only version.

Available options:
1.0
name
string
required

Name to assign to policy.

Required string length: 1 - 50
chain_type
enum<string>
required

The chain type the policy applies to.

Available options:
ethereum,
solana,
tron,
sui
id
string
required

Unique ID of the created policy. This will be the primary identifier when using the policy in the future.

Required string length: 24
owner_id
string | null
required

The key quorum ID of the owner of the policy.

created_at
number
required

Unix timestamp of when the policy was created in milliseconds.

rules
PolicyRuleResponse · object[]
required