Provisioning server sessions

Wallets created through Privy can either be used directly from a user’s device or from a server. To allow wallets created on user devices to be used from the server, follow the guide below.

To provision server-side access for a user’s wallets, use the delegateWallet method from the useHeadlessDelegatedActions hook:

delegateWallet: async ({address: string, chainType: 'ethereum' | 'solana'}) => Promise<void>

Usage

import {useHeadlessDelegatedActions} from '@privy-io/react-auth';
const {delegateWallet} = useHeadlessDelegatedActions();

Parameters

The delegateWallet method accepts a params object with the following fields:

address
string

Address of the embedded wallet to delegate.

chainType
'ethereum' | 'solana'

Chain type of the embedded wallet to delegate.


Getting wallets

From your server, you can query Privy to determine what wallets have been provisioned server sessions by a given user to allow your app to take actions on their behalf.

Use the Privy client’s getUser method to get the user object for your user. As a parameter to this method, pass the user’s DID as a string:

const user = await client.getUser('did:privy:insert-user-did');

Then, to get a list of the user’s server session provisioned wallets, first find all of the user’s embedded wallets from the user’s linked accounts. Simply filter the user.linkedAccounts array for wallet entries with walletClientType: 'privy':

// The `WalletWithMetadata` type can be imported from '@privy-io/server-auth'
const embeddedWallets = user.linkedAccounts.filter(
  (account): account is WalletWithMetadata =>
    account.type === 'wallet' && account.walletClientType === 'privy'
);

Then, filter the array of embedded wallets for entries where the delegated flag is set to true:

const delegatedWallets = embeddedWallets.filter((wallet) => wallet.delegated);

This constitutes the user’s server session provisioned wallets. Server session provisioned wallets will always have the delegated flag set to true.

For wallets included in this array, your app may make requests to Privy to execute actions on Solana or EVM networks on behalf of the user.
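Because a user can revoke a server session at any time, a server should re-check delegation against a freshly fetched user object immediately before acting, and should match the requested address to a delegated embedded wallet rather than trusting a client-supplied value. The sketch below is an added example, not Privy's own code: LinkedAccount is a local stand-in for WalletWithMetadata, findDelegatedWallet and sameAddress are hypothetical helpers, and the sample accounts are constructed.

```typescript
// Local stand-in for the wallet fields this page uses; on a real server import
// `WalletWithMetadata` from '@privy-io/server-auth' instead (assumption: the
// linked-account entry exposes `address` and `chainType` alongside `delegated`).
type ChainType = 'ethereum' | 'solana';
interface LinkedAccount {
  type: string;
  address?: string;
  chainType?: ChainType;
  walletClientType?: string;
  delegated?: boolean;
}

// EVM addresses are hex and compare case-insensitively (checksum casing varies);
// Solana addresses are base58 and case-sensitive, so they must match exactly.
function sameAddress(a: string, b: string, chainType: ChainType): boolean {
  return chainType === 'ethereum' ? a.toLowerCase() === b.toLowerCase() : a === b;
}

// Hypothetical helper: returns the wallet only if it is an embedded Privy wallet
// that the user has delegated, on the requested chain. Returns null otherwise.
function findDelegatedWallet(
  linkedAccounts: LinkedAccount[],
  address: string,
  chainType: ChainType
): LinkedAccount | null {
  const match = linkedAccounts.find(
    (account) =>
      account.type === 'wallet' &&
      account.walletClientType === 'privy' &&
      account.delegated === true &&
      account.chainType === chainType &&
      typeof account.address === 'string' &&
      sameAddress(account.address, address, chainType)
  );
  return match ?? null;
}

// Constructed sample data, shaped like `user.linkedAccounts` from `client.getUser(...)`.
const sampleLinkedAccounts: LinkedAccount[] = [
  {type: 'email'},
  {type: 'wallet', walletClientType: 'metamask', chainType: 'ethereum', address: '0x1111111111111111111111111111111111111111'},
  {type: 'wallet', walletClientType: 'privy', chainType: 'ethereum', delegated: true, address: '0xAbCdEfabcdefABCDEFabcdefabcdefABCDEFabcd'},
  {type: 'wallet', walletClientType: 'privy', chainType: 'solana', delegated: false, address: 'ConstructedSolanaAddr1111111111111111111111'},
];
```

Call the helper with the result of a new getUser request on every server-side action, and refuse the action when it returns null.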


Revoking server sessions

Once a user has provisioned a server session, they may also revoke consent to prevent your app from taking any further wallet actions on their behalf.

To revoke a user’s server session automatically, without a revocation screen, use the revokeWallets method from the useHeadlessDelegatedActions hook:

import {useHeadlessDelegatedActions} from '@privy-io/react-auth';
...
const {revokeWallets} = useHeadlessDelegatedActions();

When invoked, the revokeWallets method will revoke all of the user’s server session provisioned wallets.

Once a user confirms revocation, your app will no longer be able to take actions on behalf of the user with their wallet unless the user provisions a server session.

If a user has provisioned multiple server sessions, they will all be revoked.

As an example, you might have a button within your app to allow users to revoke server session provisioned wallets like so:

Example Revoke Wallets Button
import {usePrivy, useHeadlessDelegatedActions, type WalletWithMetadata} from '@privy-io/react-auth';

function RevokeDelegateActionButton() {
  const {user} = usePrivy();
  const {revokeWallets} = useHeadlessDelegatedActions();

  // Check if the user has any delegated wallets by searching the linkedAccounts array for wallets
  // with `delegated: true` set. `user` is null until the user is authenticated, so guard the access.
  const hasDelegatedWallets =
    (user?.linkedAccounts ?? []).filter(
      (account): account is WalletWithMetadata => account.type === 'wallet' && account.delegated
    ).length !== 0;

  const onRevoke = async () => {
    if (!hasDelegatedWallets) return; // Button is disabled to prevent this case
    await revokeWallets();
  };

  return (
    <button disabled={!hasDelegatedWallets} onClick={onRevoke}>
      Revoke permission for this app to transact on my behalf
    </button>
  );
}