Once your application has successfully configured authentication settings, users can update and take actions with resources they own per the following flow.
1

Request a user key for a user

Make a request to the Privy API with the user’s access token to request a user key. If the token is valid per your configured authentication settings, Privy will return a time-bound user key that can be used to sign requests.
2

Sign the request with the user key

Given the returned user key, sign the request to update or take actions with a resource the user owns.
3

Pass the signature in request headers

Lastly, pass the signature from the user key in a privy-authorization-signature header for the request. Privy will verify the signature and execute the request only if the signature is valid.
Follow the guide below to learn how to request and use user keys from the Privy API.

1. Request a user key for a user

To request a user key with the NodeJS SDK, use the generateUserSigner method of the Privy client.
const {authorizationKey} = await privy.walletsApi.generateUserSigner({
  userJwt: 'insert-user-jwt'
});
As a parameter to the method, pass an object containing the following.
userJwt
string
required
The user’s JWT, to authenticate the user.If your app is using your own authentication provider, the user’s JWT should verify against the JWKS.json endpoint you registered in the Dashboard.If your app is using Privy as your authentication provider, the user’s JWT should be the access token issued by Privy.
Under the hood, the generateUserSigner method handles the encryption and decryption of the user key returned by the Privy API. This means your application does not need to handle the encryption of the user key.

2. Update the Privy client to use the user’s keypair

Once you’ve generated a user authorization key for the user, update the Privy client to use the user authorization key via the updateAuthorizationKey method. This will configure the Privy client to sign requests with the provided key.
await privy.updateAuthorizationKey('insert-user-authorization-key');
As a parameter to this method, pass the user authorization key returned by the generateUserSigner method as a string.

3. Execute requests with the user’s authorization key

Once the Privy client has been updated with a specific user’s authorization key, the client will automatically sign requests made by the privy.walletApi.ethereum.* and privy.walletApi.solana.* methods. You do not need to take any extra steps to sign requests.