Logto helps you quickly focus on everything after signing in.

Logto Flutter SDKs

Build Status

Logto's flutter SDK for native apps.


flutter pub get logto_dart_sdk


Name Description
logto_core Core SDK is used for generation dart project with basic API and util method provided.
logto_client Client SDK for flutter native apps. Built based on logto_core with user sign-in interaction flow integrated

Logto Client



We use flutter_secure_storage to implement the cross-platform persistent auth_token secure storage.

  • Keychain is used for iOS
  • AES encryption is used for Android.

Configure Android version:

In project/android/app/build.gradle set minSdkVersion to >= 18.

android {

    defaultConfig {
        minSdkVersion 18

Note By default Android backups data on Google Drive. It can cause exception java.security.InvalidKeyException:Failed to unwrap key. You need to:

  • disable autobackup,
  • exclude sharedprefs FlutterSecureStorage used by the plugin
  1. To disable autobackup, go to your app manifest file and set the boolean value android:allowBackup.
<manifest ... >
  1. Exclude sharedprefs FlutterSecureStorage.

If you need to enable the android:fullBackupContent for your app. Set up a backup rule to exclude the prefs used by the plugin.

<application ...
<?xml version="1.0" encoding="utf-8"?>
  <exclude domain="sharedpref" path="FlutterSecureStorage"/>

Please check flutter_secure_storage for more details.


flutter_web_auth is used behind Logto's flutter SDK. We rely on its webview-based interaction interface to open Logto's authorization pages.

In the background, this plugin uses ASWebAuthenticationSession on iOS 12+ and macOS 10.15+, SFAuthenticationSession on iOS 11, Chrome Custom Tabs on Android and opens a new window on Web. You can build it with iOS 8+, but it is currently only supported by iOS 11 or higher.


In order to capture the callback url from Logto's sign-in web page, you will need to register your sign-in redirectUri to the AndroidManifest.xml.

<activity android:name="com.linusu.flutter_web_auth.CallbackActivity" android:exported="false">
    <intent-filter android:label="flutter_web_auth">
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.DEFAULT"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="io.logto"/>

By doing so, your app will automatically capture the callbaclUri after a successful sign-in and redirect the user back to the app.

Basic Usage

import 'package:logto_dart_sdk/logto_dart_sdk.dart';

// ...
late LogtoClient logtoClient;

void _init() async  {
  logtoClient = LogtoClient(
    config: config, // LogtoConfig
    httpClient: http.Client(), // Optional http client

void signIn() async {
  await logtoClient.signIn(redirectUri);

void signOut() async {
  await logtoClient.signOut();

Class LogtoConfig


name type description
appId String Your appId generate from Logto's admin console
appSecret String? App Secret generated along with the appId. Optional for native apps.
endpoint String Your logto server endpoint. e.g. https://logto.dev
scopes List<String>? List all the permission scopes your app will request for. You may define and find it through Logto's admin console.
resources List<String>? List all the resource indicators you app may request for access. You may define and find it through Logto's admin console.

Class LogtoClient


name type description
config final LogtoConfig Logto Config used to init Logto Client
idToken read-only Future<String?> idToken returned after success authentication
isAuthenticated read-only Future<bool> Is Authenticated status
idTokenClaims read-only Future<OpenIdClaims?> Decoded idToken claims including basic userinfo
loading read-only bool Global API loading status


name type description
getAccessToken ({String? resource}) -> Future<AccessToken> Request for an api resource specific access token for authorization
signIn (String? redirectUri) -> Future<void> Init user sign-in flow
signOut () -> Future<void> Sign-out
getUserInfo () => Future<UserInfo> Get user info