Use the API keys page of the dashboard to get your Privy app ID, app secret, and verification key.
Your app ID is used to identify your Privy app, and is necessary to initialize the
PrivyProvider in your frontend and send requests in your backend. This value is automatically generated when your app is created and is immutable.
Your app ID is a public value, and is thus safe to expose on your frontend.
Your app secret is necessary to authenticate API requests to Privy from your backend. You can make requests to Privy's API to get your users' data, delete users from your app, verify auth tokens issued by Privy, and more.
Privy does not store your app secret. If you do not know your current app secret, or your current app secret has been compromised, you may reset it through the dashboard. Upon resetting your app secret, make sure to save it somewhere safe, as you will not be able to see it again after leaving the page.
Your app secret is a sensitive value that gives you permission to manage Privy from your backend. Do not expose it outside of your backend server.
Your verification key is used to verify auth tokens that were signed by Privy for your app. You may use this as part of your authorization workflows, e.g. verifying that requests to your backend were made by an authenticated user. See our authorization guide for our best practices around verification.
Your app's verificationn is a public value, and is thus safe to expose on your frontend.