Skip to main content
POST
/
v1
/
policies
/
{policy_id}
/
rules
Create Policy Rule
curl --request POST \
  --url https://api.privy.io/v1/policies/{policy_id}/rules \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --header 'privy-app-id: <privy-app-id>' \
  --data '
{
  "name": "<string>",
  "method": "eth_sendTransaction",
  "conditions": [
    {
      "field_source": "ethereum_transaction",
      "field": "to",
      "operator": "eq",
      "value": "<string>"
    }
  ],
  "action": "ALLOW"
}
'
{
  "id": "rule_123",
  "name": "Allowlist USDC contract on Base",
  "method": "eth_sendTransaction",
  "conditions": [
    {
      "field_source": "ethereum_transaction",
      "field": "to",
      "operator": "eq",
      "value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
    }
  ],
  "action": "ALLOW"
}

Authorizations

Authorization
string
header
required

Basic Auth header with your app ID as the username and your app secret as the password.

Headers

privy-app-id
string
required

ID of your Privy app.

privy-authorization-signature
string

Request authorization signature. If multiple signatures are required, they should be comma separated.

Path Parameters

policy_id
string
required
Required string length: 24

Body

application/json

The rules that apply to each method the policy covers.

name
string
required
Required string length: 1 - 50
method
enum<string>
required

Method the rule applies to.

Available options:
eth_sendTransaction,
eth_signTransaction,
eth_signUserOperation,
eth_signTypedData_v4,
eth_sign7702Authorization,
signTransaction,
signAndSendTransaction,
exportPrivateKey,
signTransactionBytes,
*
conditions
(ethereum_transaction · object | ethereum_calldata · object | ethereum_typed_data_domain · object | ethereum_typed_data_message · object | ethereum_7702_authorization · object | solana_program_instruction · object | solana_system_program_instruction · object | solana_token_program_instruction · object | system · object | tron_transaction · object)[]
required

A condition that must be true for the rule action to be applied.

  • ethereum_transaction
  • ethereum_calldata
  • ethereum_typed_data_domain
  • ethereum_typed_data_message
  • ethereum_7702_authorization
  • solana_program_instruction
  • solana_system_program_instruction
  • solana_token_program_instruction
  • system
  • tron_transaction
action
enum<string>
required

Action to take if the conditions are true.

Available options:
ALLOW,
DENY

Response

200 - application/json

Created policy rule object.

A rule that defines the conditions and action to take if the conditions are true.

name
string
required
Required string length: 1 - 50
method
enum<string>
required

Method the rule applies to.

Available options:
eth_sendTransaction,
eth_signTransaction,
eth_signUserOperation,
eth_signTypedData_v4,
eth_sign7702Authorization,
signTransaction,
signAndSendTransaction,
exportPrivateKey,
signTransactionBytes,
*
conditions
(ethereum_transaction · object | ethereum_calldata · object | ethereum_typed_data_domain · object | ethereum_typed_data_message · object | ethereum_7702_authorization · object | solana_program_instruction · object | solana_system_program_instruction · object | solana_token_program_instruction · object | system · object | tron_transaction · object)[]
required

A condition that must be true for the rule action to be applied.

  • ethereum_transaction
  • ethereum_calldata
  • ethereum_typed_data_domain
  • ethereum_typed_data_message
  • ethereum_7702_authorization
  • solana_program_instruction
  • solana_system_program_instruction
  • solana_token_program_instruction
  • system
  • tron_transaction
action
enum<string>
required

Action to take if the conditions are true.

Available options:
ALLOW,
DENY
id
string
required