Authenticate
Obtain a user session signer to enable wallet access.
POST
Directly managing user authorization keys via the API is an advanced setting. We recommend using Privy’s SDKs, which internally manage user authorization keys if applicable.
This endpoint is used to create an ephemeral signing key for signing requests to take actions with a user’s wallet.
The returned key is encrypted using Hybrid Public Key Encryption (HPKE), with the following configuration:
- KEM (Key Encapsulation Mechanism): DHKEM_P256_HKDF_SHA256
- KDF (Key Derivation Function): HKDF_SHA256
- AEAD (Authenticated Encryption with Associated Data): CHACHA20_POLY1305
- Mode: BASE
The response authorization_key
is ciphertext and must be decrypted.
Authorizations
Basic Auth header with your app ID as the username and your app secret as the password.
Headers
ID of your Privy app.
Body
application/json
Response
200 - application/json
Object with encrypted authorization key and wallet IDs.
The response is of type object
.