Building the AuthorizationContext
When making a request to the Privy API that requires an authorization signature, you can build your
authorization context, depending on if the signer of the request is an authorization key, a user, or
a key quorum, per the instructions below
Authorization key
If the signer of the request is an authorization key, get the private key(s) that you saved locally when creating your signer in the Privy API or Dashboard. See the guide on authorization keys for more details. The raw private key(s) can then be added to the authorization context, to sign requests to the Privy API.User
If the signer of the request is a user, you can add the user’s JWT to the authorization context. See the guide on user owners and signers for more details.Computing signatures directly
This is an advanced use case. Whenever possible, you should opt to use one of the mechanisms above.
Sign functions
You can pass in a sign function to the SDK’s authorization context, which will be called with the payload to sign when the request is made. The sign functions should perform an ECDSA P-256 signature on the payload received, and return the base64-encoded signature.The binary payload received by the sign function is already formatted and ready to be signed.
There is no need to canonicalize or serialize the payload before signing when using this method.
Adding a signature manually
If instead you want to encode and sign the request payload manually, you can do so by using the utilities provided by the SDK.1
1. Get the encoded request payload to sign over
Use the
formatRequestForAuthorizationSignature
utility to get the encoded request payload to sign over.2
2. Produce the signature
The logic for producing the signature is fully dependent on the details of your implementation.
Simply make sure to sign over the byte array returned in the previous step.
3
3. Add the signature to the authorization context