With Privy, you can enable an allow list for your application to gate access to specific email addresses, phone numbers, and/or wallet addresses. You can use the allow list feature to coordinate a beta launch of your product for early-access users, manage an ongoing waitlist, and more!When you enable an allow list for your app:
All existing users will still be permitted to login to your app
New users must be added to the allow list by their email address, phone number, or wallet address to be permitted to login
New users who have not been added to your allow list will not be permitted to login.
You can enable an allow list directly from the Privy developer dashboard. To do so, just navigate to the Users page > Access Control tab of the dashboard and toggle allow lists on.
Using the developer dashboard, you can easily add and remove users from your app’s invite list page.
It’s easy to use the Privy API to manage your waitlist with a third party-tool. For instance, if you are using Airtable to manage your waitlist, you can easily integrate it with Privy.Check out this guide for more!
The identifier of the account to remove from the allow list. Should be the corresponding email
address, phone number, or wallet address.
If the invitation is successful, the method will return an that represents the now-deleted allow list entry. If the invitation fails, the method will throw an error.
If a user has successfully logged into your application (e.g. after having been added to the allow
list), you must delete their user object,
rather than deleting their allow list entry—to revoke their access.
If the request is successful, the method will return an array of objects. These include a type describing the type of entry ('email', 'phone', or 'wallet') and a value with the corresponding account identifier (e.g. the email address).
If your app has an allow list enabled, new users who attempt to login with an account not in your allow list will not be permitted to login to your app.You can customize the screen shown to the user when they are denied permission to login, to help contextualize the allow list within your app.To customize this screen, make a POST request to
The URL to navigate the user to, when they click the error CTA. Defaults to just closing the
screen on click, instead of navigating the user to another URL.
Below is a sample cURL command for updating the allow list config:
Copy
Ask AI
curl --request POST 'https://auth.privy.io/api/v1/apps/<your-privy-app-id>' \-u "<your-privy-app-id>:<your-privy-app-secret>" \-H "privy-app-id: <your-privy-app-id>" \-H 'Content-Type: application/json' \--data-raw '{ "allowlist_config": { "error_title": "Insert your error title", "error_detail": "Insert your error detail", "cta_text": "Insert your error CTA", "cta_link": "Insert a URL to navigate the user to when clicking the CTA" }}'