Appearance
Removing from the allowlist
Privy allows you to easily remove a user's email address, phone number, or wallet address to the allowlist for your app.
Using @privy-io/server-auth
Use the PrivyClient
's removeFromAllowlist
method to remove a user from your allowlist.
tsx
const removedAllowlistEntry = await privy.removeFromAllowlist({
type: 'email',
value: 'batman@privy.io',
});
As a parameter to the method, pass an AllowlistEntryInput
object with the following fields:
Field | Type | Description |
---|---|---|
type | 'email' | 'phone' | 'wallet' | The type of account to remove from the allowlist. |
value | string | The identifier of the account to remove from the allowlist. Should be the corresponding email address, phone number, or wallet address. |
If the invitation is successful, the method will return an AllowlistEntry
that represents the now-deleted allowlist entry. If the invitation fails, the method will throw an error.
Using the REST API
Make a DELETE
request to:
sh
https://auth.privy.io/api/v1/apps/<your-privy-app-id>/allowlist
In the body of the request, include the following fields:
Field | Type | Description |
---|---|---|
type | 'email' | 'phone' | 'wallet' | The type of account to remove from the allowlist. |
value | string | The identifier of the account to remove from the allowlist. Should be the corresponding email address, phone number, or wallet address. |
Below is a sample cURL command for deleting an email from the allowlist:
bash
curl --request DELETE 'https://auth.privy.io/api/v1/apps/<your-privy-app-id>/allowlist' \
-u "<your-privy-app-id>:<your-privy-app-secret>" \
-H "privy-app-id: <your-privy-app-id>" \
-H 'Content-Type: application/json' \
--data-raw '{
"type": "email",
"value": "user@email.com"
}'
A successful response will include the deleted entry, like below:
json
{
"id": "allowlist-entry-ID",
"type": "email",
"value": "user@email.com",
"appId": "your-privy-app-ID"
},
If there is no corresponding allowlist entry for the invited account you attempted to delete, the response will include an error.
INFO
If a user has successfully logged into your application (e.g. after having been added to the allowlist), you must delete their user object, rather than deleting their allowlist entry—to revoke their access.