Appearance
Setting up delegated actions
INFO
Delegated actions are currently a gated feature. Please request access via the plugins section of the Privy Dashboard.
At a high-level, setting up delegated actions for your app involves two steps:
- Generate an authorization keypair: within the Privy Dashboard, when enabling delegated actions, generate a P-256 asymmetric keypair to ensure that the TEE only ever executes requests originating from your app's servers. This step is optional, but strongly recommended.
- Prompt users to grant consent: within your client (web or native mobile app), prompt the user to delegate certain permissions over their wallet to your app.
Generating an authorization keypair
To generate an authorization keypair, in the Privy Dashboard, navigate to the Embedded wallets page for your app. Then, select the Advanced tab.
Toggle the Delegated actions setting. This will enable delegated actions for your app.
From here, you can generate a P-256 authorization keypair. Your server will use this private key to sign request payloads to Privy's delegated actions API.
Copy the private key from the console and save it securely in a secrets manager or similar. Privy never sees this private key and cannot help you recover it. This means rotating the private key for your app in the case of key loss will require all users to consent to wallet delegation again.
Granting consent
To use delegated actions, your user must first grant consent to your app to take actions on their behalf. To prompt users to grant consent, follow this guide.