Skip to main content
POST
/
v1
/
policies
Create Policy
curl --request POST \
  --url https://api.privy.io/v1/policies \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --header 'privy-app-id: <privy-app-id>' \
  --data '
{
  "name": "<string>",
  "rules": [
    {
      "name": "<string>",
      "conditions": [
        {
          "value": "<string>"
        }
      ],
      "id": "<string>"
    }
  ],
  "owner": {
    "user_id": "<string>"
  },
  "owner_id": "<string>"
}
'
{
  "id": "tb54eps4z44ed0jepousxi4n",
  "name": "Allowlisted stablecoins",
  "chain_type": "ethereum",
  "rules": [
    {
      "id": "bdyfoa65pro1eez6iwtzanol",
      "name": "Allowlist USDC contract on Base",
      "method": "eth_sendTransaction",
      "conditions": [
        {
          "field_source": "ethereum_transaction",
          "field": "to",
          "operator": "eq",
          "value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
        }
      ],
      "action": "ALLOW"
    }
  ],
  "owner_id": null,
  "version": "1.0",
  "created_at": 1741833088894
}

Documentation Index

Fetch the complete documentation index at: https://docs.privy.io/llms.txt

Use this file to discover all available pages before exploring further.

SDK methods

Learn more about creating policies using our SDKs here.

Authorizations

Authorization
string
header
required

Basic Auth header with your app ID as the username and your app secret as the password.

Headers

privy-app-id
string
required

ID of your Privy app.

privy-idempotency-key
string

Idempotency keys ensure API requests are executed only once within a 24-hour window.

Body

application/json
version
enum<string>
required

Version of the policy. Currently, 1.0 is the only version.

Available options:
1.0
name
string
required

Name to assign to policy.

Required string length: 1 - 50
chain_type
enum<string>
required

The wallet chain types.

Available options:
ethereum,
solana,
cosmos,
stellar,
sui,
aptos,
movement,
tron,
bitcoin-segwit,
bitcoin-taproot,
pearl,
near,
ton,
starknet,
spark
rules
object[]
required
owner
OwnerInputUser · object

Owner input specifying a Privy user ID.

owner_id
string<cuid2> | null

The key quorum ID to set as the owner of the resource. If you provide this, do not specify an owner.

Response

200 - application/json

Created policy object.

A policy for controlling wallet operations.

version
enum<string>
required

Version of the policy. Currently, 1.0 is the only version.

Available options:
1.0
name
string
required

Name to assign to policy.

Required string length: 1 - 50
chain_type
enum<string>
required

The wallet chain types.

Available options:
ethereum,
solana,
cosmos,
stellar,
sui,
aptos,
movement,
tron,
bitcoin-segwit,
bitcoin-taproot,
pearl,
near,
ton,
starknet,
spark
id
string
required

Unique ID of the created policy. This will be the primary identifier when using the policy in the future.

Required string length: 24
owner_id
string<cuid2>
required

The key quorum ID of the owner of the policy.

created_at
number
required

Unix timestamp of when the policy was created in milliseconds.

rules
PolicyRuleResponse · object[]
required