1
Request a user key for a user
Make a request to the Privy API with the user’s access token to request a user key. If the token
is valid per your configured authentication settings, Privy will return a time-bound user key
that can be used to sign requests.
2
Sign the request with the user key
Given the returned user key, sign the request
to update or take actions with a resource the user owns.
3
Pass the signature in request headers
Lastly, pass the signature from the user key
in a
privy-authorization-signature header for the request. Privy will verify the signature and
execute the request only if the signature is valid.
