POST
/
v1
/
policies
Create Policy
curl --request POST \
  --url https://api.privy.io/v1/policies \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --header 'privy-app-id: <privy-app-id>' \
  --data '{
  "version": "1.0",
  "name": "<string>",
  "chain_type": "ethereum",
  "rules": [
    {
      "name": "<string>",
      "method": "eth_sendTransaction",
      "conditions": [
        {
          "field_source": "ethereum_transaction",
          "field": "to",
          "operator": "eq",
          "value": "<string>"
        }
      ],
      "action": "ALLOW"
    }
  ],
  "owner": {
    "public_key": "<string>"
  },
  "owner_id": "<string>"
}'
{
  "id": "tb54eps4z44ed0jepousxi4n",
  "name": "Allowlisted stablecoins",
  "chain_type": "ethereum",
  "rules": [
    {
      "id": "bdyfoa65pro1eez6iwtzanol",
      "name": "Allowlist USDC contract on Base",
      "method": "eth_sendTransaction",
      "conditions": [
        {
          "field_source": "ethereum_transaction",
          "field": "to",
          "operator": "eq",
          "value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
        }
      ],
      "action": "ALLOW"
    }
  ],
  "owner_id": null,
  "version": "1.0",
  "created_at": 1741833088894
}

Authorizations

Authorization
string
header
required

Basic Auth header with your app ID as the username and your app secret as the password.

Headers

privy-app-id
string
required

ID of your Privy app.

privy-idempotency-key
string

Idempotency keys ensure API requests are executed only once within a 24-hour window.

Body

application/json
version
enum<string>
required

Version of the policy. Currently, 1.0 is the only version.

Available options:
1.0
name
string
required

Name to assign to policy.

Maximum length: 50
chain_type
enum<string>
required

The chain type the policy applies to.

Available options:
ethereum,
solana
rules
PolicyRuleRequestBody · object[]
required
owner

The owner of the resource. If you provide this, do not specify an owner_id as it will be generated automatically. When updating a wallet, you can set the owner to null to remove the owner. The P-256 public key of the owner of the resource. If you provide this, do not specify an owner_id as it will be generated automatically.

owner_id
string

The key quorum ID to set as the owner of the resource. If you provide this, do not specify an owner.

Response

200 - application/json

Created policy object.

version
enum<string>
required

Version of the policy. Currently, 1.0 is the only version.

Available options:
1.0
name
string
required

Name to assign to policy.

Maximum length: 50
chain_type
enum<string>
required

The chain type the policy applies to.

Available options:
ethereum,
solana
id
string
required

Unique ID of the created policy. This will be the primary identifier when using the policy in the future.

Required string length: 24
owner_id
string | null
required

The key quorum ID of the owner of the policy.

created_at
number
required

Unix timestamp of when the policy was created in milliseconds.

rules
PolicyRuleResponse · object[]
required