Skip to main content
PATCH
/
v1
/
policies
/
{policy_id}
Update Policy
curl --request PATCH \
  --url https://api.privy.io/v1/policies/{policy_id} \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --header 'privy-app-id: <privy-app-id>' \
  --data '
{
  "name": "<string>",
  "rules": [
    {
      "name": "<string>",
      "conditions": [
        {
          "value": "<string>"
        }
      ]
    }
  ],
  "owner": {
    "user_id": "<string>"
  },
  "owner_id": "<string>"
}
'
{
  "id": "tb54eps4z44ed0jepousxi4n",
  "name": "Allowlisted stablecoins",
  "chain_type": "ethereum",
  "rules": [
    {
      "id": "bdyfoa65pro1eez6iwtzanol",
      "name": "Allowlist USDC contract on Base",
      "method": "eth_sendTransaction",
      "conditions": [
        {
          "field_source": "ethereum_transaction",
          "field": "to",
          "operator": "eq",
          "value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
        }
      ],
      "action": "ALLOW"
    }
  ],
  "owner_id": null,
  "version": "1.0",
  "created_at": 1741833088894
}

SDK methods

Learn more about updating policies using our SDKs here.

Authorizations

Authorization
string
header
required

Basic Auth header with your app ID as the username and your app secret as the password.

Headers

privy-app-id
string
required

ID of your Privy app.

privy-authorization-signature
string

Request authorization signature. If multiple signatures are required, they should be comma separated.

privy-request-expiry
string

Request expiry. Value is a Unix timestamp in milliseconds representing the deadline by which the request must be processed.

Path Parameters

policy_id
string
required
Required string length: 24

Body

application/json
name
string

Name to assign to policy.

Required string length: 1 - 50
rules
PolicyRuleRequestBody · object[]
owner
OwnerInputUser · object

Owner input specifying a Privy user ID.

owner_id
string<cuid2> | null

The key quorum ID to set as the owner of the resource. If you provide this, do not specify an owner.

Response

200 - application/json

Updated policy object.

A policy for controlling wallet operations.

version
enum<string>
required

Version of the policy. Currently, 1.0 is the only version.

Available options:
1.0
name
string
required

Name to assign to policy.

Required string length: 1 - 50
chain_type
enum<string>
required

The wallet chain types.

Available options:
ethereum,
solana,
cosmos,
stellar,
sui,
aptos,
movement,
tron,
bitcoin-segwit,
bitcoin-taproot,
pearl,
near,
ton,
starknet,
spark
id
string
required

Unique ID of the created policy. This will be the primary identifier when using the policy in the future.

Required string length: 24
owner_id
string<cuid2>
required

The key quorum ID of the owner of the policy.

created_at
number
required

Unix timestamp of when the policy was created in milliseconds.

rules
PolicyRuleResponse · object[]
required