Securing your integration
Privy is a powerful library that enables you to securely authenticate your users and provision self-custodial embedded wallets in order to create delightful user experiences. Privy protects your users’ accounts and wallets via secure account verification, session management, and Shamir secret sharing cryptography. See our architecture security documentation for more information.
Privy is integrated deeply into application environments, and your application provides the context in which users access their accounts. Accordingly, it is essential that you take steps to secure your product to protect your users.
Here is a guide to help you get started and configure your application securely. Beyond this, security is a comprehensive topic that touches every part of your stack.
TIP
At a high level, we recommend that you:
- Configure your security settings in the Privy developer dashboard
- Ensure your application’s frontend is secure
- Protect your developer credentials
- Educate your users about security
Configure security settings in the Privy Dashboard
Before you launch your app, we strongly recommend you enable these security settings in the Privy developer dashboard to protect your users’ accounts:
- Restrict your allowed domains by adding your domain in the Settings page.
- Restrict your allowed OAuth redirect URLs by specifying allowed URLs in the Settings page.
- Limit allowed methods for your app in the Login Methods page to only those you use for login or linking.
- If your app is browser-based, enable a base domain in the Domains page to set `HttpOnly` cookies, which helps further protect your user's Privy tokens from XSS and related attacks.
- If your app deals with high-value assets, enable multi-factor authentication for wallet actions and require that users set it up.
Lock down your app frontend
Because your application frontend provides the context in which users access their accounts, it is an essential environment to keep secure. Follow client-side security best practices, including limiting what can inject JavaScript into your site. Make sure that only the code you intend runs in your app.
- Use TLS and HTTPS to serve your web pages.
- Avoid open redirects in your app. If your app must have them or you are unsure if it does, we recommend specifying an allowed OAuth redirect URL to help mitigate redirect-based attacks.
- Ensure you have content headers set correctly on your site. Set the `X-Frame-Options` header to `none` on your root domain to ensure that your content cannot be embedded into a malicious site.
- Ensure your application has a strict Content Security Policy (CSP).
- Ensure that your application has protections against XSS attacks.
- Review your application's third-party JavaScript dependencies.
Beyond this, it is critical you secure your domain. For instance, set 2FA on your DNS provider account, and ensure your DNS is configured correctly.
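As an added example (not Privy's code), the function below audits a response's headers against the frontend checklist above: HSTS for HTTPS, framing protection, and a CSP without permissive script sources. It assumes the embedding rule is enforced with `X-Frame-Options: DENY` or `SAMEORIGIN`, the only values browsers act on, or with the CSP directive `frame-ancestors 'none'`; the finding names and sample headers are constructed for illustration.

```javascript
// Added example, not Privy code. Finding names and sample headers are constructed.
function parseCsp(value) {
  const policy = Object.create(null);
  for (const part of (value || "").split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    // A repeated CSP directive is ignored, so the first occurrence wins.
    if (key && !(key in policy)) policy[key] = sources.map((s) => s.toLowerCase());
  }
  return policy;
}

function auditHeaders(rawHeaders) {
  const h = {};
  for (const [k, v] of Object.entries(rawHeaders)) h[k.toLowerCase()] = String(v).trim();
  const findings = [];
  const broad = (list) => list.some((s) => ["*", "http:", "https:"].includes(s));
  // HTTPS: HSTS with a non-zero max-age keeps returning browsers on TLS.
  if (!/max-age\s*=\s*"?[1-9]/i.test(h["strict-transport-security"] || "")) findings.push("hsts-missing");
  const csp = parseCsp(h["content-security-policy"]);
  // Framing: browsers act only on DENY or SAMEORIGIN in X-Frame-Options;
  // the CSP directive frame-ancestors is where 'none' is a valid value.
  const xfo = (h["x-frame-options"] || "").toUpperCase();
  const xfoOk = xfo === "DENY" || xfo === "SAMEORIGIN";
  const faOk = !!csp["frame-ancestors"] && !broad(csp["frame-ancestors"]);
  if (xfo && !xfoOk) findings.push("xfo-unrecognized-value");
  if (!xfoOk && !faOk) findings.push("framing-unrestricted");
  // XSS: script-src falls back to default-src when it is absent.
  const scripts = csp["script-src"] || csp["default-src"];
  if (!scripts) findings.push("csp-no-script-policy");
  else {
    const strict = scripts.some((s) => /^'(nonce|sha(256|384|512))-/.test(s));
    // Browsers ignore 'unsafe-inline' once a nonce or hash is present.
    if (scripts.includes("'unsafe-inline'") && !strict) findings.push("csp-unsafe-inline");
    if (scripts.includes("'unsafe-eval'")) findings.push("csp-unsafe-eval");
    if (broad(scripts) && !scripts.includes("'strict-dynamic'")) findings.push("csp-broad-script-source");
  }
  return findings;
}
// Constructed sample responses.
const weak = {
  "X-Frame-Options": "none",
  "Content-Security-Policy": "default-src *; script-src 'self' 'unsafe-inline'",
};
const hardened = {
  "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
  "X-Frame-Options": "DENY",
  "Content-Security-Policy": "script-src 'self' 'nonce-r4nd0m'; frame-ancestors 'none'",
};
```

Run `auditHeaders` in CI against the headers your staging root domain returns and fail the build on any finding.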
Protect your developer credentials
Your developer login credentials can be used to configure your application with the Privy dashboard. It’s important to protect your credentials to avoid unauthorized access to your developer account.
Your app secret can be used to manage and query the users that have signed up in your app. Store your app secret securely, e.g. via a secrets manager. We will never reveal your app secret in your developer dashboard beyond the first time the secret is generated.
Educate your users about security
Your users also share in responsibility for their account security. Phishing is the biggest source of risk affecting end users.
Let your users know you will never ask them for credentials, help them avoid untrusted bookmarklets and extensions, ensure they are only interacting with your intended domains, and create clear expectations about how your product will prompt them to interact.