Skip to main content

Wallet-based authentication

When using the privy-browser client, your users interact directly with Privy. Privy integrates with Ethereum using Sign-in with Ethereum (SIWE). SIWE is a standard that allows your users to authenticate themselves directly to apps using their Ethereum keypair. No backend required.

info

Reach out if you'd like more wallet support for Privy!

Once a user authenticates with Privy, the session is valid for 3 days.

caution

Privy's wallet authentication is only available for MetaMask today. More coming soon.

Integrating SIWE using privy-browser

Imagine you are building a React application where users log in using their MetaMask wallet. Your users can connect with Privy using the same wallet.

To get started, create an instance of a SiweSession.

import {SiweSession} from '@privy-io/privy-browser';

const session = new SiweSession(apiKey, window.ethereum);

Using this session object, you can prompt a user to connect their wallet and authenticate with Privy.

export default function Signin(props: PropsType) {
const authenticate = async () => {
// Calling authenticate() on session will:
//
// 1. Prompt user to connect wallet (if they aren't already connected)
// 2. Prompt user to sign an auth message for Privy
// 3. If successful, Privy will issue the user an access token
//
await session.authenticate();
Router.push("/dashboard");
}}

return (
<button onClick={authenticate}>
Sign in
</button>
);
}

If successful, the client can make authenticated calls to Privy using the SiweSession.

import {PrivyClient} from '@privy-io/privy-browser';

// Initialize a new privy client with the session
const client = new PrivyClient({session: session});

async function fetchUserData() {
// SiweSession objects have an address() method that
// resolves to the currently connected wallet address.
const userId = await session.address();

return privy.get(userId, ['email', 'phone-number']);
}

Useful SiweSession functions

Privy's SiweSession objects come with a few convenience methods to help you manage your users' auth lifecycle more generally.

authenticate()

authenticate authenticates a user with Privy. This performs the following:

  1. Prompts the user to connect their wallet (if they haven't already)
  2. Prompts the user to sign an EIP-4361 message that Privy can verify

By default, authenticate is automatically called the first time a request is made to Privy.

But you can invoke it any time. For instance, if you want a sign-in flow as part of an onboarding experience:

<SignInButton onSignIn={() => session.authenticate()} />

connect()

To further control the user authentication experience, SiweSession objects provide a connect method, which prompts the user to connect their wallet. This is called automatically by authenticate(), but may be useful as part of user onboarding flows where a user must first connect their wallet, independent of authenticating with Privy.

const onClick = async () => {
// address is the EIP-55 mixed-case checksum-encoded address
const address = await session.connect();
setAddress(address);
};

<ConnectWalletPrompt onClick={onClick} />;

address()

address returns the EIP-55 mixed-case checksum-encoded address or connected wallet or null if not connected.

isAuthenticated()

You can call the session's isAuthenticated() method to know whether

  • a user has connected their wallet
  • whether they have auth'd with Privy using using the connected wallet address

destroy()

The destroy() method can be used to kill the session state, for example, if the user clicks a sign out button.