JWT-based auth
Overview
Privy supports all JWT-based authentication providers. This includes any OIDC compliant authentication system, including OAuth 2.0, Auth0, Firebase, AWS Cognito, and more.
Using JWT-based authentication integration, you can use your existing authentication system with Privy’s services. This approach allows users to maintain their existing login experience while giving them access to embedded wallets.
Privy’s authentication is fully compatible with any authentication provider that supports JWT-based, stateless authentication. When a user logs into your app, your auth provider issues them an access and/or identity token to represent their auth status. Privy validates this token to authenticate your user.
Setting up JWT-based authentication
To integrate your JWT-based auth provider with Privy:
- Go to the Privy Dashboard
- Select your app from the App Dropdown in the left sidebar
- Request access to Custom Auth Support in the Integrations > Plugins tab of the Privy dashboard
- Navigate to the JWT Dashboard via User management > Authentication > JWT-based auth
You’ll need to provide the following information:
Privy requires a verification key to ensure the JWTs received are valid. Both the token’s signature and its expiration time (claim) are verified to ensure secure access. This verification process helps protect user data and prevents unauthorized access to Privy services.
You can provide the verification key in one of two ways:
Enter the claim from your user’s JWT that contains the user’s unique ID. In most access tokens and identity tokens, this is the claim.
Usage
Implementation
To integrate JWT-based authentication with Privy in your React application, you’ll need to create a custom PrivyProvider
wrapper that supplies your auth token to Privy.
Create a custom PrivyProvider
wrapper
Create a component that wraps the PrivyProvider
with your custom auth configuration:
Integrate the provider with your app
Make sure to nest your custom provider inside your auth provider in your app structure:
Accessing User Authentication Status
Once configured, you can access the user’s authentication status through the Privy SDK:
When using a custom authentication provider, you should not use the Privy login
method (from useLogin
or usePrivy
). Instead, call the login method of your custom provider, and the Privy SDK will automatically synchronize its state.
Implementation
To integrate JWT-based authentication with Privy in your React application, you’ll need to create a custom PrivyProvider
wrapper that supplies your auth token to Privy.
Create a custom PrivyProvider
wrapper
Create a component that wraps the PrivyProvider
with your custom auth configuration:
Integrate the provider with your app
Make sure to nest your custom provider inside your auth provider in your app structure:
Accessing User Authentication Status
Once configured, you can access the user’s authentication status through the Privy SDK:
When using a custom authentication provider, you should not use the Privy login
method (from useLogin
or usePrivy
). Instead, call the login method of your custom provider, and the Privy SDK will automatically synchronize its state.
Implementation
To integrate JWT-based authentication with Privy in your React Native application, you’ll need to create a custom PrivyProvider
wrapper that supplies your auth token to Privy.
Create a custom PrivyProvider
wrapper
Create a component that wraps the PrivyProvider
with your custom auth configuration:
Integrate the provider with your app
Make sure to nest your custom provider inside your auth provider in your app structure:
Accessing User Authentication Status
Once configured, you can access the user’s authentication status through the Privy SDK:
When using a custom authentication provider in React Native, you should let your auth provider handle the authentication flow. Privy will automatically synchronize its state based on the token provided by your getCustomAccessToken
callback.
Implementation
To integrate JWT-based authentication with Privy in your Swift application, you’ll need to initialize the Privy SDK with a token provider callback and handle authentication.
Initialize Privy with a token provider callback
First, initialize the Privy SDK with a tokenProvider
callback that will provide the JWT from your custom auth provider:
This tokenProvider
callback should:
- Return the current user’s access token as a
String
when authenticated - Return
nil
when the user is not authenticated
Authenticate your user
Once you have defined a tokenProvider
callback, authenticate your user with Privy using the loginWithCustomAccessToken
method:
If the provided token is valid, Privy will successfully authenticate your user. If the token is invalid, this method will throw an error.
Example with Auth0
Here’s an example using Auth0’s Swift SDK for authentication:
Authentication Flow
When using custom authentication with the Swift SDK:
- When the Privy SDK is first initialized, it attempts to restore any prior session
- If a prior session exists, Privy automatically tries to reauthenticate using your
tokenProvider
- You can manually trigger authentication by calling
loginWithCustomAccessToken
- After successful authentication, you have access to the
PrivyUser
object and wallet functionality
When your app starts up, as soon as you determine your user is authenticated via your custom auth provider, you should call Privy’s loginWithCustomAccessToken
method to synchronize the authentication state.
Accessing User Data
Once authenticated, you can access the user’s data and embedded wallets:
Privy identifies users based on the unique ID assigned by your auth provider (stored in the sub
claim of their access token). You can view all users in the Users section of the Privy Developer Dashboard.
Implementation
To integrate JWT-based authentication with Privy in your Android application, you’ll need to initialize the Privy SDK with a token provider callback and handle authentication.
Initialize Privy with a token provider callback
First, initialize the Privy SDK with a tokenProvider
callback that will provide the JWT from your custom auth provider:
The tokenProvider
callback should:
- Return the current user’s access token as a
String
when authenticated - Return
null
when the user is not authenticated - Be implemented as a suspending function that can perform asynchronous operations
Authenticate your user
Once you’ve initialized Privy with a tokenProvider
callback, authenticate your user with Privy using the loginWithCustomAccessToken
method:
If the provided access or identity token is valid, Privy will authenticate your user and return a Result.success
with the PrivyUser
object. If the token is invalid, it will return a Result.failure
.
Example integration with Auth0
Here’s an example of integrating with Auth0 for Android:
Authentication flow
When using custom authentication with the Android SDK:
- When the Privy SDK is first initialized, it attempts to restore any prior session
- If a prior session exists, Privy automatically tries to reauthenticate using your
tokenProvider
- You can manually trigger authentication by calling
loginWithCustomAccessToken
- After successful authentication, you have access to the
PrivyUser
object and wallet functionality
It’s important to await the privy.ready()
call before triggering any other Privy flows to ensure the SDK has completed initialization and attempted session restoration.
Accessing user data and wallets
Once authenticated, you can access the user’s data and embedded wallets:
Privy identifies users based on the unique ID that your auth provider has assigned (stored in the sub
claim of their access token). You can view all users in the Users section of the Privy Developer Dashboard.
Implementation
To integrate JWT-based authentication with Privy in your Flutter application, you’ll need to initialize the Privy SDK with a token provider callback and handle authentication.
Initialize Privy with a token provider callback
First, initialize the Privy SDK with a tokenProvider
callback that will provide the JWT from your custom auth provider:
The tokenProvider
callback should:
- Return the current user’s access token as a
String
when authenticated - Return
null
when the user is not authenticated - Be implemented as an async function that can perform asynchronous operations
Await SDK readiness
Before performing any operations with the SDK, make sure to await its readiness:
This ensures that the SDK has completed initialization and attempted session restoration if a prior session exists.
Authenticate your user
Once you’ve initialized Privy with a tokenProvider
callback, authenticate your user with Privy using the loginWithCustomAccessToken
method:
If the provided access or identity token is valid, Privy will authenticate your user and return a Result.success
with the PrivyUser
object. If the token is invalid, it will return a Result.failure
.
Example integration with Firebase Auth
Here’s an example of integrating with Firebase Authentication:
Authentication flow
When using custom authentication with the Flutter SDK:
- When the Privy SDK is first initialized, it attempts to restore any prior session
- If a prior session exists, Privy automatically tries to reauthenticate using your
tokenProvider
- You can manually trigger authentication by calling
loginWithCustomAccessToken
- After successful authentication, you have access to the
PrivyUser
object and wallet functionality
It’s important to await privy.awaitReady()
before triggering any other Privy flows to ensure the SDK has completed initialization and attempted session restoration.
Accessing user data and wallets
Once authenticated, you can access the user’s data and embedded wallets:
Privy identifies users based on the unique ID that your auth provider has assigned (stored in the sub
claim of their access token). You can view all users in the Users section of the Privy Developer Dashboard.