Documentation | Policies › Create Policy Rule

Policies

policies

Methods

Create Policy ->

Policy

post/v1/policies

Create a new policy.

header Parameters

privy-idempotency-key: string

Optional

Idempotency keys ensure API requests are executed only once within a 24-hour window.

Response fields

Policy

Request example

curl https://api.privy.io/v1/policies \
    -H 'Content-Type: application/json' \
    -H "Authorization: Basic $PRIVY_APP_ID:$PRIVY_APP_SECRET" \
    -d '{
          "chain_type": "ethereum",
          "name": "x",
          "rules": [
            {
              "action": "ALLOW",
              "conditions": [
                {
                  "field": "to",
                  "field_source": "ethereum_transaction",
                  "operator": "eq",
                  "value": "string"
                }
              ],
              "method": "eth_sendTransaction",
              "name": "x"
            }
          ],
          "version": "1.0"
        }'

200Example

{
  "id": "tb54eps4z44ed0jepousxi4n",
  "chain_type": "ethereum",
  "created_at": 1741833088894,
  "name": "Allowlisted stablecoins",
  "owner_id": null,
  "rules": [
    {
      "id": "bdyfoa65pro1eez6iwtzanol",
      "action": "ALLOW",
      "conditions": [
        {
          "field": "to",
          "field_source": "ethereum_transaction",
          "operator": "eq",
          "value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
        }
      ],
      "method": "eth_sendTransaction",
      "name": "Allowlist USDC contract on Base"
    }
  ],
  "version": "1.0"
}

Get Policy ->

Policy

get/v1/policies/{policy_id}

Get a policy by policy ID.

Get Policy Rule -> { id, action, conditions, 2 more... }

get/v1/policies/{policy_id}/rules/{rule_id}

Get a rule by policy ID and rule ID.

Update Policy ->

Policy

patch/v1/policies/{policy_id}

Update a policy by policy ID.

Delete Policy -> { success }

delete/v1/policies/{policy_id}

Delete a policy by policy ID.

Create Policy Rule -> { id, action, conditions, 2 more... }

post/v1/policies/{policy_id}/rules

Create a new rule for a policy.

path Parameters

policy_id: string

(minLength: 24, maxLength: 24)

header Parameters

privy-authorization-signature: string

Optional

Request authorization signature. If multiple signatures are required, they should be comma separated.

Response fields

id: string

action: "ALLOW" | "DENY"

Action to take if the conditions are true.

conditions: Array<{ field, field_source, operator, 1 more... } | { abi, field, field_source, 2 more... } | { field, field_source, operator, 1 more... } | 7 more...>

method: "eth_sendTransaction" | "eth_signTransaction" | "eth_signUserOperation" | 7 more...

Method the rule applies to.

name: string

(minLength: 1, maxLength: 50)

Request example

curl https://api.privy.io/v1/policies/$POLICY_ID/rules \
    -H 'Content-Type: application/json' \
    -H "Authorization: Basic $PRIVY_APP_ID:$PRIVY_APP_SECRET" \
    -d '{
          "action": "ALLOW",
          "conditions": [
            {
              "field": "to",
              "field_source": "ethereum_transaction",
              "operator": "eq",
              "value": "string"
            }
          ],
          "method": "eth_sendTransaction",
          "name": "x"
        }'

200Example

{
  "id": "rule_123",
  "action": "ALLOW",
  "conditions": [
    {
      "field": "to",
      "field_source": "ethereum_transaction",
      "operator": "eq",
      "value": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
    }
  ],
  "method": "eth_sendTransaction",
  "name": "Allowlist USDC contract on Base"
}

Update Policy Rule -> { id, action, conditions, 2 more... }

patch/v1/policies/{policy_id}/rules/{rule_id}

Update a rule by policy ID and rule ID.

Delete Policy Rule -> { success }

delete/v1/policies/{policy_id}/rules/{rule_id}

Delete a rule by policy ID and rule ID.

Domain types

Policy = { id, chain_type, created_at, 4 more... }