Appearance
Configuring delegated actions
At a high-level, setting up delegated actions for your app involves three steps:
- Enable delegated actions: Within the Privy Dashboard, enable delegated actions to allow your app to request permission from users to transact on their behalf.
- Generate an authorization key: (Optional, but strongly recommended) Within the Privy Dashboard, when enabling delegated actions, generate an authorization keypair to ensure that actions with user's wallets are only taken with requests signed by your app's servers.
- Prompt users to grant consent: Within your client (web or native mobile app), prompt the user to delegate certain permissions over their wallet to your app.
Enable delegated actions
To enable delegated actions for your app, visit the Privy Dashboard and navigate to the Embedded wallets page for your app.
Select the Advanced tab and toggle the Delegated actions setting to enable delegated actions for your app.
Generate an authorization key
Once you've enabled delegated actions, you can further secure your integration by generating an authorization key that is required to sign requests.
To generate an authorization key, under the toggle to enable delegated actions, enable the Require signed requests setting. A modal will appear with a Signing key to copy. Copy this value and save it securely in a secrets manager or similar.
With this setting enabled, all requests to take delegated actions with user's wallet must be signed with your Signing key. This ensures that Privy only ever executes requests sent by your server.
Privy never sees this private key and cannot help you recover it. This means rotating the private key for your app in the case of key loss will require all users to consent to wallet delegation again.
INFO
The authorization key is the private key of a P-256 keypair. Privy never sees the private key, and verifies signatures on your requests against the corresponding public key to ensure your server authorizes the action to take with a user's delegated wallet.
Delegating wallets
To use delegated actions, your user must first grant consent for your app to take certain actions on their behalf. To have users grant consent, follow the guides below depending on the client-side SDK(s) you integrate.