- in your client, include the user’s access token on requests
- in your server, secure procedures by validating the token included on requests
If you’re using tRPC with zod, check out this transformation
tool to automatically generate zod schemas from
Privy’s types (e.g.
user.email
).Configuring your client
When your client (frontend) makes a request to one of your tRPC procedures, you should include the Privy auth token, so that your server can verify that the user is authenticated.The following works for both
createTRPCProxyClient
(vanilla) or createTRPCNextClient
(Next.js). Note that while the configuration method signature is different between the two, the
inner configuration object/strategy will remain the same. The example shown is for NextJS.httpBatchLink
within the links
configuration. Below is an example: