Steps
At a high-level, directly implementing request signing requires the following steps:1
Build signature payload
Generate a JSON payload containing the following fields. All fields are required unless otherwise specified.
2
Canonicalize signature payload
Next, canonicalize the payload per RFC 8785 and serialize it to a string. This GitHub repository links to various libraries for JSON canonicalization in different languages.
3
Sign signature payload
Sign the serialized JSON with ECDSA P-256 using the private key of your user key or authorization key and serialize it to a base64-encoded string.
4
Include the signature in request headers
Lastly, include the base64-encoded signature over the payload in the
privy-authorization-signature header of your request to the Privy API.
