Authenticate
Obtain a user session signer to enable wallet access.
Directly managing user authorization keys via the API is an advanced setting. We recommend using Privy’s SDKs, which internally manage user authorization keys if applicable.
This endpoint is used to create an ephemeral signing key for signing requests to take actions with a user’s wallet.
The returned key is encrypted using Hybrid Public Key Encryption (HPKE), with the following configuration:
- KEM (Key Encapsulation Mechanism): DHKEM_P256_HKDF_SHA256
- KDF (Key Derivation Function): HKDF_SHA256
- AEAD (Authenticated Encryption with Associated Data): CHACHA20_POLY1305
- Mode: BASE
The response authorization_key
is ciphertext and must be decrypted.
Authorizations
App secret authentication.
Headers
ID of your Privy app.
Body
The user's JWT, to be used to authenticate the user.
The encryption type for the authentication response. Currently only supports HPKE.
HPKE
Base64-encoded public key of the recipient who will decrypt the session key. This key must be generated securely and kept confidential.
Response
The encrypted authorization key data.
The expiration time of the authorization key in seconds since the epoch.
The wallets that the signer has access to.