Authenticate

Obtain a session key to enable wallet access.

curl --request POST \
  --url https://api.privy.io/v1/wallets/authenticate \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --header 'privy-app-id: <privy-app-id>' \
  --data '{
  "user_jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.KMUFsIDTnFmyG3nMiGM6H9FNFUROf3wh7SmqJp-QV30",
  "encryption_type": "HPKE",
  "recipient_public_key": "DAQcDQgAEx4aoeD72yykviK+fckqE2CItVIGn1rCnvCXZ1HgpOcMEMialRmTrqIK4oZlYd1"
}'

{
  "encrypted_authorization_key": {
    "encryption_type": "HPKE",
    "encapsulated_key": "BECqbgIAcs3TpP5GadS6F8mXkSktR2DR8WNtd3e0Qcy7PpoRHEygpzjFWttntS+SEM3VSr4Thewh18ZP9chseLE=",
    "ciphertext": "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgsqM8IKMlpFxVypBUa/Q2QvB1AmS/g5WHPp3SKq9A75uhRANCAATeX6BDghwclKAH8+/7IjvS1tCpvIfZ570IR44acX93pUGz5iEvpkg+HGaalHAXubuoUMq9CUWRm4wo+3090Nus"
  },
  "expires_at": 1697059200000,
  "wallets": [
    {
      "id": "ubul5xhljqorce73sf82u0p3",
      "address": "0x3DE69Fd93873d40459f27Ce5B74B42536f8d6149",
      "chain_type": "ethereum",
      "policy_ids": [],
      "additional_signers": [
        {
          "signer_id": "p3cyj3n8mt9f9u2htfize511",
          "override_policy_ids": []
        }
      ],
      "created_at": 1744300912643,
      "owner_id": "lzjb3xnjk2ntod3w1hgwa358",
      "exported_at": null,
      "imported_at": null
    },
    {
      "id": "sb4y18l68xze8gfszafmyv3q",
      "address": "9wtGmqMamnKfz49XBwnJASbjcVnnKnT78qKopCL54TAk",
      "chain_type": "solana",
      "policy_ids": [],
      "additional_signers": [
        {
          "signer_id": "p3cyj3n8mt9f9u2htfize511",
          "override_policy_ids": []
        }
      ],
      "created_at": 1744300912644,
      "owner_id": "lzjb3xnjk2ntod3w1hgwa358",
      "exported_at": null,
      "imported_at": null
    }
  ]
}

POST

wallets

authenticate

Obtain a session key to enable wallet access.

curl --request POST \
  --url https://api.privy.io/v1/wallets/authenticate \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --header 'privy-app-id: <privy-app-id>' \
  --data '{
  "user_jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.KMUFsIDTnFmyG3nMiGM6H9FNFUROf3wh7SmqJp-QV30",
  "encryption_type": "HPKE",
  "recipient_public_key": "DAQcDQgAEx4aoeD72yykviK+fckqE2CItVIGn1rCnvCXZ1HgpOcMEMialRmTrqIK4oZlYd1"
}'

{
  "encrypted_authorization_key": {
    "encryption_type": "HPKE",
    "encapsulated_key": "BECqbgIAcs3TpP5GadS6F8mXkSktR2DR8WNtd3e0Qcy7PpoRHEygpzjFWttntS+SEM3VSr4Thewh18ZP9chseLE=",
    "ciphertext": "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgsqM8IKMlpFxVypBUa/Q2QvB1AmS/g5WHPp3SKq9A75uhRANCAATeX6BDghwclKAH8+/7IjvS1tCpvIfZ570IR44acX93pUGz5iEvpkg+HGaalHAXubuoUMq9CUWRm4wo+3090Nus"
  },
  "expires_at": 1697059200000,
  "wallets": [
    {
      "id": "ubul5xhljqorce73sf82u0p3",
      "address": "0x3DE69Fd93873d40459f27Ce5B74B42536f8d6149",
      "chain_type": "ethereum",
      "policy_ids": [],
      "additional_signers": [
        {
          "signer_id": "p3cyj3n8mt9f9u2htfize511",
          "override_policy_ids": []
        }
      ],
      "created_at": 1744300912643,
      "owner_id": "lzjb3xnjk2ntod3w1hgwa358",
      "exported_at": null,
      "imported_at": null
    },
    {
      "id": "sb4y18l68xze8gfszafmyv3q",
      "address": "9wtGmqMamnKfz49XBwnJASbjcVnnKnT78qKopCL54TAk",
      "chain_type": "solana",
      "policy_ids": [],
      "additional_signers": [
        {
          "signer_id": "p3cyj3n8mt9f9u2htfize511",
          "override_policy_ids": []
        }
      ],
      "created_at": 1744300912644,
      "owner_id": "lzjb3xnjk2ntod3w1hgwa358",
      "exported_at": null,
      "imported_at": null
    }
  ]
}

Directly managing user authorization keys via the API is an advanced setting. We recommend using Privy’s SDKs, which internally manage user authorization keys if applicable.

This endpoint is used to create an ephemeral signing key for signing requests to take actions with a user’s wallet. The returned key is encrypted using Hybrid Public Key Encryption (HPKE), with the following configuration:

KEM (Key Encapsulation Mechanism): DHKEM_P256_HKDF_SHA256
KDF (Key Derivation Function): HKDF_SHA256
AEAD (Authenticated Encryption with Associated Data): CHACHA20_POLY1305
Mode: BASE

The response authorization_key is ciphertext and must be decrypted.

Authorizations

Authorization

string

header

required

Basic Auth header with your app ID as the username and your app secret as the password.

Headers

privy-app-id

string

required

ID of your Privy app.

Body

application/json

Response

200 - application/json

Object with authorization key and wallet IDs.

The response is of type object.

Submit import eth_sendTransaction

API reference

Wallets

Account funding

Policies

Transactions

Key quorums

Users

Authorizations

Headers

Body

Response