Manage Allowlists

Control which addresses can hold your token using allowlists.

Tokens created with requiresAllowlist: true keep a list of approved destination addresses for controlled token actions. SDP enforces that list on allowlist-aware issuance flows such as minting and administrative transfers. Payment transfers use wallet-level destination allowlists instead of this token allowlist. This is essential for regulated tokens like tokenized securities.

When a token is created without an allowlist, the dashboard hides allowlist management for that token.

Prerequisites

  • A token with requiresAllowlist enabled
  • The tokens:write permission for API key callers

Add an address

curl -X POST https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist \
  -H "Authorization: Bearer sk_test_..." \
  -H "Content-Type: application/json" \
  -d '{
    "address": "7xKXz...9fGh",
    "label": "Treasury wallet"
  }'
const response = await fetch(
  "https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist",
  {
    method: "POST",
    headers: {
      "Authorization": "Bearer sk_test_...",
      "Content-Type": "application/json",
    },
    body: JSON.stringify({
      address: "7xKXz...9fGh",
      label: "Treasury wallet",
    }),
  }
);
HttpRequest request = HttpRequest.newBuilder()
    .uri(URI.create("https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist"))
    .header("Authorization", "Bearer sk_test_...")
    .header("Content-Type", "application/json")
    .POST(HttpRequest.BodyPublishers.ofString("""
        {
          "address": "7xKXz...9fGh",
          "label": "Treasury wallet"
        }"""))
    .build();

The label field is optional but recommended for identifying entries.

List entries

curl https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist \
  -H "Authorization: Bearer sk_test_..."
const response = await fetch(
  "https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist",
  { headers: { "Authorization": "Bearer sk_test_..." } }
);
const { data, meta } = await response.json();
// meta: { total, page, pageSize, hasMore }
HttpRequest request = HttpRequest.newBuilder()
    .uri(URI.create("https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist"))
    .header("Authorization", "Bearer sk_test_...")
    .GET()
    .build();

Supports page and pageSize query parameters for pagination.

Remove an address

curl -X DELETE \
  https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist/alw_abc123 \
  -H "Authorization: Bearer sk_test_..."
await fetch(
  "https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist/alw_abc123",
  {
    method: "DELETE",
    headers: { "Authorization": "Bearer sk_test_..." },
  }
);
HttpRequest request = HttpRequest.newBuilder()
    .uri(URI.create("https://api.solana.com/v1/issuance/tokens/tok_abc123/allowlist/alw_abc123"))
    .header("Authorization", "Bearer sk_test_...")
    .DELETE()
    .build();

Workflow

A typical allowlist workflow for a tokenized security:

  1. Create the token with "requiresAllowlist": true and template "tokenized-security"
  2. Deploy the token
  3. Collect wallet addresses from KYC-verified users
  4. Add each verified address to the allowlist
  5. Mint tokens to allowlisted addresses
  6. Remove addresses when compliance status changes

Mint and Burn Tokens

Increase or decrease token supply by minting and burning.

Freeze and Compliance

Freeze accounts, pause transfers, seize tokens, and screen addresses for compliance workflows.

On this page

PrerequisitesAdd an addressList entriesRemove an addressWorkflow