Skip to content

Getting the denylist

To get your current denylist, make a GET request to:

sh
https://auth.privy.io/api/v1/apps/<your-privy-app-id>/denylist

This is a paginated query, and the API will return up to 1000 denylist entries for a single request.

Parameters

In the request query parameters, specify the following fields:

  • cursor (optional)
    • When you request a batch of denylist entries from Privy, the API will return a cursor for the next batch of denylist entries in the next_cursor field of the response. This will be a denylist ID, which is a string.
    • If you are requesting the first batch of denylist entries for your app, do not include a cursor in your request parameters.
    • If you have already requested a batch of denylist entries and want to request the next batch, set the cursor in your request parameters to be the next_cursor returned by the API in your previous query. If the provided cursor is not a valid denylist ID, the API will return an error.
  • limit (optional): The number of users you would like the API to return. Defaults to 1000.

As an example, to get the first 1000 denylist entries for your app, you should include no URL query parameters:

sh
curl --request GET https://auth.privy.io/api/v1/apps/<your-privy-app-id>/denylist \
-u "<your-privy-app-id>:<your-privy-app-secret>" \
-H "privy-app-id: <your-privy-app-id>"

Then, to get the next 1000 denylist entries for your app, you should pass the next_cursor field of the last response as the cursor in your request query parameters:

sh
# Replace <insert-cursor> below with the `next_cursor` returned by the last query
curl --request GET https://auth.privy.io/api/v1/apps/<your-privy-app-id>/denylist?cursor=<insert-cursor> \
-u "<your-privy-app-id>:<your-privy-app-secret>" \
-H "privy-app-id: <your-privy-app-id>"

Response

A successful response will include:

  • data: the denylist entries as an array
  • next_cursor: the cursor to be used in your next request to this API

Below is an example:

json
{
  "data": [
    {
        "id": "denylist-entry-ID1",
        "rule_type": "email",
        "value": "[email protected]"
    },
    {
        "id": "denylist-entry-ID2",
        "rule_type": "emailDomain",
        "value": "email.com"
    },
    ...
  ],
  "next_cursor": "denylist-entry-ID2"
}

If you need to remove an entry from your denylist, you will need the id field returned in this API response.