HSS Okta Flutter

The presented plugin functions as an abstraction layer, seamlessly integrating Okta's Native SDKs into the Flutter ecosystem, thereby enabling the utilization of Okta's robust security framework within a cross-platform Flutter environment. This encapsulation endows Flutter-based iOS and Android applications with the capability to leverage Okta's Classic Engine Authentication workflows, ensuring a secure and efficient user authentication experience. The plugin is architecturally designed to interface fluently with native platform capabilities, harnessing the power of Dart's asynchronous features to provide a non-blocking, streamlined authentication process that is both platform-agnostic and performance-optimized.

🤝 Contributors & Maintainers:

This project is proudly developed and maintained by HyperSense Software.

📄 License:

Distributed under the MIT License. See LICENSE for more information.

How to Install

For mobile:

$ flutter pub add hss_okta_flutter

For Web:

$ flutter pub add hss_okta_flutter

In your index.html header tag, add Okta's Javascript library.

<script src="https://global.oktacdn.com/okta-auth-js/7.4.1/okta-auth-js.min.js" type="text/javascript"></script>



Feature Android IOS
Resource Owner Flow / Direct Authentication ✅ (MFA Not Available)
Browser Redirect Authentication
Device Authorization
Device SSO


Authentication by Redirection
Authentication by Popup
Token Manager
Authentication Client Setup
Authentication State Manager 🚧
Fetch User info

Getting Started

Android Create okta.property file inside android root folder


issuer= <https://your.issuer.link>
clientId= <Your client id>
signInRedirectUri= <Sign in redirect URL>
signOutRedirectUri= <Sign out redirect URL>
scopes= <List of scopes, separated by space>

IOS Create Okta.plist in your iOS project


<string>Your client id</string>
<string>Sign in redirect URL</string>
<string>Sign out redirect URL</string>
<string>List of scopes, separated by space</string>

General Usage:

import 'package:hss_okta_flutter/hss_okta_flutter_plugin.dart';

final _plugin =  HssOktaFlutter();

Future<void> getCredential() async{

    await _plugin.getCredentials();

Browser Redirect Authentication

import 'package:hss_okta_flutter/hss_okta_flutter_plugin.dart';

Widget build(BuildContext context){
return HssOktaBrowserSignOutWidget(
onResult: (success){
builder: (context,child) => Container(child:child)


import  'package:hss_okta_flutter/hss_okta_flutter.dart';
final oktaWeb = HssOktaFlutterWeb();

void main(){
await oktaWeb.initializeClient(OktaConfig({
issuer: 'com.dev.okta.myApp'
clientId: '123456'
redirectUri: 'https:localhost:8080/callback'

final token = await oktaWeb.token.startPopUpAuthentication();

Authentication Flows


Browser Redirect

The login is achieved through the Web-based OIDC flows, where the user is redirected to the Okta-Hosted login page. After the user authenticates, they are redirected back to the application.

This launches a popup web view where the user can login and interact with challenges.

Direct Authentication Flow / Resource Owner Flow

Direct Authentication with MFA is Only available for iOS. Used for Owner Resource authentication with user and password.

Device Authentication Flow

Allow the user to login via another device, the plugin will provide a access code and a URI where the user can login via another device or the browser.

Device SSO

Allows Single sign on using a Device secret paired with the user's ID token


Auth by Redirect

Redirects the user to Okta's Issuer Url and prompts the user to login

Auth by Popup

Launches a New window and prompts the user to login