auth0_flutter 1.1.0
Auth0 SDK for Flutter. Easily integrate Auth0 into Android / iOS Flutter apps.
Documentation #
- Quickstart - our interactive guide for quickly adding login, logout and user information to your app using Auth0
- Sample app - a full-fledged sample app integrated with Auth0
- API documentation - documentation auto-generated from the code comments that explains all the available features
- Examples - examples that demonstrate the different ways in which this SDK can be used
- FAQ - frequently asked questions about the SDK
- Docs Site - explore our Docs site and learn more about Auth0
Getting Started #
Requirements #
Flutter | Android | iOS |
---|---|---|
SDK 3.0+ | Android API 21+ | iOS 12+ |
Dart 2.17+ | Java 8+ | Swift 5.3+ |
 | | Xcode 13.x / 14.x |
Installation #
Add auth0_flutter into your project:
flutter pub add auth0_flutter
Configure Auth0 #
Create a Native Application in the Auth0 Dashboard.
If you're using an existing application, verify you have configured the following settings in your Native Application:
- Click on the "Settings" tab of your application's page
- Ensure that "Application Type" is set to "Native"
- Ensure that the "Token Endpoint Authentication Method" setting has a value of "None"
- Scroll down and click on the "Show Advanced Settings" link
- Under "Advanced Settings", click on the "OAuth" tab
- Ensure that "JsonWebToken Signature Algorithm" is set to RS256 and that "OIDC Conformant" is enabled
Next, configure the following URLs for your application under the "Application URIs" section of the "Settings" page, for both Allowed Callback URLs and Allowed Logout URLs:
- Android: SCHEME://YOUR_DOMAIN/android/YOUR_PACKAGE_NAME/callback
- iOS: YOUR_BUNDLE_ID://YOUR_DOMAIN/ios/YOUR_BUNDLE_ID/callback
For example, if your Auth0 domain was company.us.auth0.com and your package name (Android) or bundle ID (iOS) was com.company.myapp, then these values would be:
- Android: https://company.us.auth0.com/android/com.company.myapp/callback
- iOS: com.company.myapp://company.us.auth0.com/ios/com.company.myapp/callback
Take note of the Client ID and Domain values under the "Basic Information" section. You'll need these values in the next step.
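An added example, not part of the SDK or this README: a small Python check that derives the two callback URLs in the format above and compares them with the entries listed in the dashboard, naming the component that is off when an entry is a near miss. The function names and the sample list (including `company.eu.auth0.com`) are constructed for illustration, and SCHEME is assumed to be `https` as in the example values above.

```python
def expected_callbacks(domain, android_package, ios_bundle_id, android_scheme="https"):
    """Callback URLs in the format given above, keyed by platform."""
    return {
        "Android": f"{android_scheme}://{domain}/android/{android_package}/callback",
        "iOS": f"{ios_bundle_id}://{domain}/ios/{ios_bundle_id}/callback",
    }


def split_url(url):
    """Split SCHEME://DOMAIN/PATH without normalising case, so the
    comparison stays as strict as an exact string match."""
    scheme, _, rest = url.strip().partition("://")
    domain, _, path = rest.partition("/")
    return {"scheme": scheme, "domain": domain, "path": "/" + path}


def audit(allowed_urls, **app):
    """Return one finding per platform whose expected URL is not listed."""
    listed = [u.strip() for u in allowed_urls]
    findings = []
    for platform, want in expected_callbacks(**app).items():
        if want in listed:
            continue
        want_parts = split_url(want)
        hint = f"add {want}"
        for url in listed:
            got = split_url(url)
            wrong = [k for k in want_parts if got[k] != want_parts[k]]
            if len(wrong) == 1:  # near miss: exactly one component is off
                k = wrong[0]
                hint = f"{url} has {k} {got[k]!r}, expected {want_parts[k]!r}"
                break
        findings.append(f"{platform}: {hint}")
    return findings


# Constructed sample (assumption): entries as copied from the dashboard field.
APP = dict(domain="company.us.auth0.com", android_package="com.company.myapp",
           ios_bundle_id="com.company.myapp")
ALLOWED = [
    "https://company.us.auth0.com/android/com.company.myapp/callback",
    "com.company.myapp://company.eu.auth0.com/ios/com.company.myapp/callback",
]

if __name__ == "__main__":
    for line in audit(ALLOWED, **APP) or ["all expected callback URLs are listed"]:
        print(line)
```

Run the same check against both the Allowed Callback URLs and the Allowed Logout URLs, since the page asks for the same values in both fields.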
Configure the SDK #
Instantiate the Auth0 class, providing your domain and Client ID values from the previous step:
final auth0 = Auth0('YOUR_AUTH0_DOMAIN', 'YOUR_AUTH0_CLIENT_ID');
Configure manifest placeholders (Android only)
Open the android/build.gradle file and add the following manifest placeholders inside android > defaultConfig.
// android/build.gradle
android {
    // ...
    defaultConfig {
        // ...
        // Add the following line
        manifestPlaceholders = [auth0Domain: "YOUR_AUTH0_DOMAIN", auth0Scheme: "https"]
    }
    // ...
}
For example, if your Auth0 domain was company.us.auth0.com, then the manifest placeholders line would be:
manifestPlaceholders = [auth0Domain: "company.us.auth0.com", auth0Scheme: "https"]
💡 If your Android app is using product flavors, you might need to specify different manifest placeholders for each flavor.
Skipping the Android Web Auth configuration
If you don't plan to use Web Auth, you will notice that the compiler will still prompt you to provide the manifestPlaceholders values, since the RedirectActivity included in this library will require them, and the Gradle tasks won't be able to run without them.
Re-declare the activity manually using tools:node="remove" in the android/src/main/AndroidManifest.xml file to make the manifest merger remove it from the final manifest file. Additionally, one more unused activity can be removed from the final APK by using the same process. A complete snippet to achieve this is:
<!-- android/src/main/AndroidManifest.xml -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools"
    package="com.company.myapp">
    <application android:theme="@style/AppTheme">
        <!-- ... -->
        <activity
            android:name="com.auth0.android.provider.AuthenticationActivity"
            tools:node="remove"/>
        <!-- Optional: Remove RedirectActivity -->
        <activity
            android:name="com.auth0.android.provider.RedirectActivity"
            tools:node="remove"/>
        <!-- ... -->
    </application>
</manifest>
Custom URL scheme configuration (iOS only)
Open the ios/Runner/Info.plist file and add the following snippet inside the top-level <dict> tag. This registers your iOS bundle identifier as a custom URL scheme, so the callback and logout URLs can reach your app.
<?xml version="1.0" encoding="UTF-8"?>
<!-- ios/Runner/Info.plist -->
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <!-- ... -->
    <key>CFBundleURLTypes</key>
    <array>
        <dict>
            <key>CFBundleTypeRole</key>
            <string>None</string>
            <key>CFBundleURLName</key>
            <string>auth0</string>
            <key>CFBundleURLSchemes</key>
            <array>
                <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
            </array>
        </dict>
    </array>
    <!-- ... -->
</dict>
</plist>
💡 If you're opening the Info.plist file in Xcode and it is not being shown in this format, you can right-click on Info.plist in the Xcode project navigator and then select Open As > Source Code.
Logging in #
Import auth0_flutter in the file where you want to present the login page.
import 'package:auth0_flutter/auth0_flutter.dart';
Then, present the Universal Login page in the onPressed callback of your Login button.
final credentials = await auth0.webAuthentication().login();
// Access token -> credentials.accessToken
// User profile -> credentials.user
auth0_flutter will automatically store the user's credentials using the built-in Credentials Manager instance. You can access this instance through the credentialsManager property.
final credentials = await auth0.credentialsManager.credentials();
For other comprehensive examples, see the EXAMPLES.md document.
SSO Alert Box (iOS) #
Check the FAQ for more information about the alert box that pops up by default when using Web Auth on iOS.
💡 See also this blog post for a detailed overview of Single Sign-On (SSO) on iOS.
Common Tasks #
- Check for stored credentials - check if the user is already logged in when your app starts up.
- Retrieve stored credentials - fetch the user's credentials from the storage, automatically renewing them if they have expired.
- Retrieve user information - fetch the latest user information from the /userinfo endpoint.
API reference #
Web authentication #
API #
Credentials Manager #
Feedback #
Contributing #
We appreciate feedback and contribution to this repo! Before you get started, please see the following:
Raise an issue #
To provide feedback or report a bug, please raise an issue on our issue tracker.
Vulnerability Reporting #
Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
What is Auth0? #
Auth0 is an easy-to-implement, adaptable authentication and authorization platform. To learn more, check out Why Auth0?
This project is licensed under the Apache 2.0 license. See the LICENSE file for more info.