1. Request a user key for a user
Make a request to the Privy API with the user’s access token to request a user key. If the token is valid per your configured authentication settings, Privy will return a time-bound user key that can be used to sign requests.

2. Sign the request with the user key
Given the returned user key, sign the request to update or take actions with a resource the user owns.

3. Pass the signature in request headers
Lastly, pass the signature from the user key in a privy-authorization-signature header for the request. Privy will verify the signature and execute the request only if the signature is valid.

1. Request a user key for a user
To request a user key with the NodeJS SDK, use the generateUserSigner method of the Privy client.
The user’s JWT, to authenticate the user. If your app is using your own authentication provider, the user’s JWT should verify against the JWKS.json endpoint you registered in the Dashboard. If your app is using Privy as your authentication provider, the user’s JWT should be the access token issued by Privy.
Under the hood, the generateUserSigner method handles the encryption and decryption of the user key returned by the Privy API. This means your application does not need to handle the encryption of the user key.

2. Update the Privy client to use the user’s keypair
Once you’ve generated a user authorization key for the user, update the Privy client to use the user authorization key via the updateAuthorizationKey method. This will configure the Privy client to sign requests with the provided key.
generateUserSigner method as a string.

3. Execute requests with the user’s authorization key
Once the Privy client has been updated with a specific user’s authorization key, the client will automatically sign requests made by the privy.walletApi.ethereum.* and privy.walletApi.solana.* methods. You do not need to take any extra steps to sign requests.
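
The sign-then-verify flow from the three-step overview (steps 2 and 3), as an added example that is not Privy's code or wire format. The P-256 key, the method/url/body payload layout, the canonicalization, the expiry check and all sample values are assumptions made to show why a verifier rejects a modified, unsigned or late request.

```javascript
// Added illustration, not Privy's wire format: key type, payload layout and
// canonicalization are assumptions. All sample values are constructed.
const crypto = require("node:crypto");

// Stand-in for the time-bound user key returned in step 1.
function issueUserKey(ttlMs, now) {
  const pair = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  return { ...pair, expiresAt: now + ttlMs };
}

// Deterministic serialization so signer and verifier hash identical bytes.
function canonicalize(v) {
  if (Array.isArray(v)) return `[${v.map(canonicalize).join(",")}]`;
  if (v === null || typeof v !== "object") return JSON.stringify(v);
  const fields = Object.keys(v).sort().map((k) => `${JSON.stringify(k)}:${canonicalize(v[k])}`);
  return `{${fields.join(",")}}`;
}
const payloadOf = ({ method, url, body }) => Buffer.from(canonicalize({ method, url, body }));

// Step 2: sign method, URL and body together so none can be swapped afterwards.
function signRequest(key, request) {
  return crypto.sign("sha256", payloadOf(request), key.privateKey).toString("base64");
}

// Step 3, verifier side: reject expired keys, then check the header value.
// (key carries both halves here for brevity; a verifier needs only publicKey.)
function verifyRequest(key, request, headers, now) {
  if (now >= key.expiresAt) return "key expired";
  const sig = headers["privy-authorization-signature"];
  if (typeof sig !== "string") return "missing signature";
  const ok = crypto.verify("sha256", payloadOf(request), key.publicKey, Buffer.from(sig, "base64"));
  return ok ? "ok" : "bad signature";
}

function demo() {
  const t0 = 1700000000000; // constructed clock value (ms)
  const key = issueUserKey(60000, t0);
  const request = { method: "POST", url: "https://api.example.test/wallets/w1/transfer", body: { to: "0xabc", amount: 1 } };
  const headers = { "privy-authorization-signature": signRequest(key, request) };
  const tampered = { ...request, body: { to: "0xdef", amount: 1 } };
  return {
    valid: verifyRequest(key, request, headers, t0 + 1000),
    tampered: verifyRequest(key, tampered, headers, t0 + 1000),
    unsigned: verifyRequest(key, request, {}, t0 + 1000),
    expired: verifyRequest(key, request, headers, t0 + 60000),
  };
}
console.log(demo());
```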