Skip to main content

Overview

Phantom Connect is a suite of tools that lets developers onboard users instantly with embedded wallets powered by Phantom. Users sign in with Google, Apple, or their existing Phantom account, and your app receives a secure, ready-to-use wallet without requiring extensions, mobile apps, or private-key management. When users authenticate with social login, Phantom creates an embedded wallet inside a secure environment on the user’s device. This wallet is authorized to transact with your app and is protected by spending-limit controls, domain binding, and real-time risk evaluation. Your app never handles private keys and never becomes a custodian.

Connect modal

Phantom Connect includes a built-in Connect modal that handles sign-in and wallet connection for you. It’s the recommended way to onboard users because it works across supported sign-in methods and returns a connected wallet session your app can use immediately. Connect modal showing login options with Google, Apple, and Other Wallets Connect modal features:
  • Multiple sign-in options, including Google, Apple, and Phantom Login
  • Mobile deep link support for connecting via the Phantom mobile app
  • Built-in error handling and loading states
  • Works across devices and environments
  • Handles the full connection flow and returns a ready-to-use wallet session
For implementation, see the Connect guide for your SDK: React, React Native.

Embedded wallets

Embedded wallets are wallets built directly into your application. No browser extensions, mobile apps, or external wallet software required. Users authenticate with familiar methods like Google, Apple, or their Phantom account, and your app instantly has access to a fully functional wallet. Embedded wallets remove the friction of traditional wallet onboarding while maintaining the security and self-custody guarantees users expect.

Spending limits

Embedded wallets have a default spending limit of $1,000 USD per app per day. This limit applies to the total value of transactions a user can sign through your app within a 24-hour period. The limit resets daily and helps protect users from unauthorized or excessive spending.

Authentication methods

Phantom Connect supports multiple authentication paths. Social login and Phantom Login result in an embedded wallet that your app can use through the Phantom Connect SDKs. Extension and injected wallet connections use the user’s existing wallet instead.

Social login

When a user selects Sign in with Google or Sign in with Apple, Phantom Connect creates or retrieves an embedded wallet tied to that identity. Flow summary:
  1. Users authenticate with Google or Apple.
  2. Users enter their 4-digit PIN.
  3. Users approve any required permissions or spending limits.
  4. Your app receives the connected embedded wallet.
How embedded wallets work for different user types:
  • New social-login users: Phantom creates a brand-new embedded wallet.
  • Existing social-login (seedless) users: Phantom securely converts the existing seedless wallet into an embedded wallet. After that, the same wallet is usable in both Phantom and your app.

Phantom Login

Phantom Login lets users authenticate with their existing Phantom account. If the Phantom browser extension is installed, it may be used to present approval screens. Flow summary:
  1. Your app initiates the Phantom Login flow using provider: "phantom".
  2. Phantom checks whether the user has an existing Phantom account.
  3. Users authenticate and approve permissions.
  4. Your app receives an embedded wallet session.
How embedded wallets work for different user types in this flow:
  • Existing social-login users: Their existing seedless wallet is reconstructed securely. After that, the same wallet is available in both Phantom and your app.
  • Recovery-phrase users: Phantom creates a new embedded wallet for use inside your app. Their seed-phrase wallet remains separate and self-custodial.
Use the isPhantomLoginAvailable() function (Browser SDK) or useIsPhantomLoginAvailable hook (React SDK) to check availability before showing the Phantom Login option.

Extension and injected wallets

When users connect with the Phantom extension or any other injected wallet:
  • Phantom Connect doesn’t create an embedded wallet.
  • Users transact and approve actions directly inside their extension.
  • The extension signs using whatever key-management system that wallet uses.
  • Your app receives the connected account through the same Phantom Connect SDK interface.
This gives your app a unified integration path while preserving the user’s wallet choice.

Account selection behavior

Social login

Users can choose from any Phantom accounts tied to their Google or Apple identity, from the account picker.

Extension and injected wallets

Users can choose from any Phantom account tied to their recovery phrase.

Disconnecting an app

Users can disconnect your app at any time from Phantom:
  1. Open Phantom (extension or mobile app).
  2. Go to Settings → Connected Apps.
  3. Select your app.
  4. Choose Revoke permissions or Disconnect.
After disconnecting, your app can no longer access the wallet.

Session duration

A Phantom Connect session remains active for seven days from the last login. After it expires, users must sign in again with Google, Apple, or Phantom Login.

FAQ

Phantom Connect lets your users sign in with Google, Apple, or Phantom Login and receive a secure embedded wallet your app can use for signing. No wallet installation required. Users who prefer the Phantom browser extension can also connect their existing wallet instead.
There’s no cost to use Phantom Connect. Phantom provides authentication, embedded wallets, and signing infrastructure at no charge to developers.
Phantom Connect creates a wallet that only the user can authorize. Private keys never pass through your app or backend and never appear in plaintext. Every action is authenticated by the user and evaluated against built-in protections like spending limits and app-level permissions. Your integration stays fully non-custodial.
Phantom Connect supports three ways for users to sign in:
  • Social login: Users sign in with Google or Apple. Your app receives a secure embedded wallet that’s ready to use immediately.
  • Phantom Login: Users authenticate with their existing Phantom account. Your app receives an embedded wallet linked to their Phantom identity.
  • Extension and injected wallets: Users connect with the Phantom extension or any other injected wallet. All approvals happen in the existing wallet, and no embedded wallet is created.
Your app can support one or more of these methods depending on your needs.
No. Private keys are never exposed to your app, your backend, or your infrastructure. Phantom Connect handles secure signing behind the scenes, and your app simply requests signatures through the SDK.
Integration is lightweight:
  1. Create an account in Phantom Portal.
  2. Create an app.
  3. Verify your domain.
  4. Configure allowed origins and redirect URLs.
  5. Add your app information.
  6. Get your App ID and integrate.
  7. Trigger the connect flow and start using the wallet returned by the SDK.

Resources

For implementation details and platform-specific examples, see the Phantom Connect SDKs:
Use the Phantom Cursor plugin to scaffold complete integrations with AI. Your Cursor agent can set up any SDK, configure social login, and build transaction flows automatically. See the plugin documentation for details.