Skip to content

Customizing allowlist rejection ‚Äč

If your app has an allowlist enabled, new users who attempt to login with an account not in your allowlist will not be permitted to login to your app.

You can customize the screen shown to the user when they are denied permission to login, to help contextualize the allowlist within your app.

To customize this screen, make a POST request to

https://auth.privy.io/api/v1/apps/<your-privy-app-ID>

In the body of the request, include an allowlist_config field that contains a JSON with the following fields. All fields in this object are optional.

FieldTypeDescription
error_titlestringThe primary text for the error message you'd like to show your user. Defaults to "You don't have access to this app".
error_detailstringThe secondary text for the error message you'd like to show your user. Defaults to "Have you been invited?"
cta_textstringThe text to show on the error confirmation button. Defaults to "Try another account"
cta_linkstringThe URL to navigate the user to, when they click the error CTA. Defaults to just closing the screen on click, instead of navigating the user to another URL.

Below is a sample cURL command for adding an email to the allowlist:

bash
curl --request POST 'https://auth.privy.io/api/v1/apps/<your-privy-app-ID>' \
-u ":<your-privy-app-secret>" \
-H "privy-app-id: <your-privy-app-ID>" \
--data-raw '{
    "allowlist_config": {
        "error_title": "Insert your error title",
        "error_detail": "Insert your error detail",
        "cta_text": "Insert your error CTA",
        "cta_link": "Insert a URL to navigate the user to when clicking the CTA"
    }
}'