login method
Future<Credentials>
login({
- String? audience,
- Set<
String> scopes = const {'openid', 'profile', 'email', 'offline_access'}, - String? redirectUrl,
- String? organizationId,
- String? invitationUrl,
- bool useHTTPS = false,
- bool useEphemeralSession = false,
- Map<
String, String> parameters = const {}, - IdTokenValidationConfig idTokenValidationConfig = const IdTokenValidationConfig(),
- SafariViewController? safariViewController,
Redirects the user to the Auth0 Universal Login page for authentication. If successful, it returns a set of tokens, as well as the user's profile (constructed from ID token claims).
If redirectUrl
is not specified, a default URL is used that incorporates
the domain
value specified to Auth0.new, and scheme on Android, or
the bundle identifier in iOS/macOS. redirectUrl
must appear in your
Allowed Callback URLs list for the Auth0 app.
Read more about redirecting users.
How the ID token is validated can be configured using
idTokenValidationConfig
, but in general the defaults for this are
adequate.
Additional notes:
audience
relates to the API Identifier you want to reference in your access tokens. See API settings to learn more.scopes
defaults toopenid profile email offline_access
. You can override these scopes, butopenid
is always requested regardless of this setting.- Arbitrary
parameters
can be specified and then picked up in a custom Auth0 Action or Rule. - If you want to log into a specific organization, provide the
organizationId
. ProvideinvitationUrl
if a user has been invited to join an organization. - (iOS only):
safariViewController
causesSFSafariViewController
to be used when opening the Universal Login page, as an alternative to the defaultASWebAuthenticationSession
. You will also need to configure your iOS app to automatically resume the Web Auth operation after login. - (iOS/macOS only):
useHTTPS
controls whether to usehttps
as the scheme for the redirect URL on iOS 17.4+ and macOS 14.4+. When set totrue
, the bundle identifier of the app will be used as a custom scheme on older versions of iOS and macOS. Requires an Associated Domain configured with thewebcredentials
service type, set to your Auth0 domain –or custom domain, if you have one. - (iOS/macOS only):
useEphemeralSession
controls whether shared persistent storage is used for cookies. Read more on the effects this setting has.
Implementation
Future<Credentials> login(
{final String? audience,
final Set<String> scopes = const {
'openid',
'profile',
'email',
'offline_access'
},
final String? redirectUrl,
final String? organizationId,
final String? invitationUrl,
final bool useHTTPS = false,
final bool useEphemeralSession = false,
final Map<String, String> parameters = const {},
final IdTokenValidationConfig idTokenValidationConfig =
const IdTokenValidationConfig(),
final SafariViewController? safariViewController}) async {
final credentials = await Auth0FlutterWebAuthPlatform.instance.login(
_createWebAuthRequest(WebAuthLoginOptions(
audience: audience,
scopes: scopes,
redirectUrl: redirectUrl,
organizationId: organizationId,
invitationUrl: invitationUrl,
parameters: parameters,
idTokenValidationConfig: idTokenValidationConfig,
scheme: _scheme,
useHTTPS: useHTTPS,
useEphemeralSession: useEphemeralSession,
safariViewController: safariViewController)));
await _credentialsManager?.storeCredentials(credentials);
return credentials;
}