Directly managing user authorization keys is an advanced setting.

This interface is currently in development and will be available in an upcoming release.

Self-custodial Privy wallets are those owned by an authorization key that the user controls. These user-controlled authorization keys are typically managed internally by Privy client SDKs.

For some advanced integrations, your app may need to interact with your users’ authorization keys directly, outside of a managed client SDK context. This is done via the User authorization key API.

This API issues issues one-time or session-based authorization keys that enable access to user wallets and can be called from either your app’s frontend or backend. You can learn more about the user authorization key API architecture here.

Creating a user-associated wallet

Send a POST request to the create user endpoint to create a user and associated wallet.

If applicable, first register your JWT verification public key or JWKS.json endpoint via the Privy Dashboard.

Transacting with a wallet

To transact with a wallet, you will make a request to the user authorization key API to obtain a one-time session key, which you will use to sign requests to the wallet API.

Retrieving a session key

To request a one-time session key, send a POST request to the authenticate endpoint with a valid user JWT.

Initiating a transaction

To transact with a wallet, use the user’s session key to authorize requests to the user’s wallet via the wallet API RPC endpoint.

Was this page helpful?