The Optimized and Easiest Way to Integrate OAuth 2.0 with Mastodon API in Flutter 🎯

GitHub Sponsor GitHub Sponsor

pub package Dart SDK Version Test Analyzer Issues Pull Requests Stars Code size Last Commits License Contributor Covenant

1. Guide 🌎

This library provides the easiest way to authenticate with OAuth 2.0 for Mastodon API in Flutter apps.

Show some ❀️ and star the repo to support the project.

1.1. Getting Started ⚑

1.1.1. Install Library

 flutter pub add mastodon_oauth2

1.1.2. Import

import 'package:mastodon_oauth2/mastodon_oauth2.dart';

1.1.3. Setup Android

On Android you must first set the minSdkVersion in the build.gradle file:

defaultConfig {
   minSdkVersion 18

Then, to test with this library, let's set org.example.oauth://callback/ as a callback URI in your developer page.

You can see developer page of mastodon in the link like below.

And then, specify your redirect uri like below.

Set Callback URI

Also it's necessary to add the following definitions to AndroidManifest.xml.

<activity android:name="com.linusu.flutter_web_auth_2.CallbackActivity" android:exported="true">
    <intent-filter android:label="flutter_web_auth_2">
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data android:scheme="org.example.oauth" android:host="callback" />

Finally you need to set this redirect url for MastodonOAuth2Client.

final oauth2 = MastodonOAuth2Client(
  // Specify mastodon instance like ""
  clientId: 'YOUR_CLIENT_ID',
  clientSecret: 'YOUR_CLIENT_SECRET',
  redirectUri: 'org.example.oauth://callback/',
  customUriScheme: 'org.example.oauth',

You can see details here. iOS

On iOS you need to set the platform in the ios/Podfile file:

platform :ios, '11.0'

The usage of MastodonOAuth2Client is the same as for Android above. Web

For Web, the implementation method for using this package is the same as for Android and iOS above, but it's necessary to separately create HTML for the destination to be redirected to after authentication.

First, you will need to create the following HTML directly under your web folder in preparation for OAuth authentication in your web browser. Then, let's save this HTML file with the name auth.html.

<!DOCTYPE html>
<title>Authentication complete</title>
  Authentication is complete. If this does not happen automatically, please
  close the window.
    window.opener.postMessage(window.location.href, window.location.origin);

And now your web folder should look like this.

Set auth.html

And then, unlike Android and iOS, the redirect URL should refer to this created auth.html. So, now let's set it to http://localhost:5555/auth.html for example.

Set redirect uri for Web

Finally, you need to set this redirect url for MastodonOAuth2Client.

final oauth2 = MastodonOAuth2Client(
  // Specify mastodon instance like ""
  clientId: 'YOUR_CLIENT_ID',
  clientSecret: 'YOUR_CLIENT_SECRET',
  redirectUri: 'http://localhost:5555/auth.html',
  customUriScheme: 'http://localhost:5555/auth.html',

1.1.4. Implementation

Now all that's left is to launch the following example Flutter app and press the button to start the authentication process with OAuth 2.0!

After pressing the Authorize button, a redirect will be performed and you will see that you have obtained your bearer token.

import 'package:flutter/material.dart';

import 'package:mastodon_oauth2/mastodon_oauth2.dart';

void main() {
  runApp(const MaterialApp(home: Example()));

class Example extends StatefulWidget {
  const Example({Key? key}) : super(key: key);

  State<Example> createState() => _ExampleState();

class _ExampleState extends State<Example> {
  String? _accessToken;
  String? _refreshToken;

  Widget build(BuildContext context) => Scaffold(
        body: Center(
          child: Column(
            children: [
              Text('Access Token: $_accessToken'),
                onPressed: () async {
                  final oauth2 = MastodonOAuth2Client(
                    // Specify mastodon instance like ""
                    instance: 'MASTODON_INSTANCE'
                    clientId: 'YOUR_CLIENT_ID',
                    clientSecret: 'YOUR_CLIENT_SECRET',

                    // Replace redirect url as you need.
                    redirectUri: 'org.example.oauth://callback/',
                    customUriScheme: 'org.example.oauth',

                  final response = await oauth2.executeAuthCodeFlow(
                    scopes: [

                  super.setState(() {
                    _accessToken = response.accessToken;
                child: const Text('Push!'),

1.2. Contribution πŸ†

If you would like to contribute to mastodon-oauth2, please create an issue or create a Pull Request.

There are many ways to contribute to the OSS. For example, the following subjects can be considered:

  • There are scopes that are not implemented.
  • Documentation is outdated or incomplete.
  • Have a better way or idea to achieve the functionality.
  • etc...

You can see more details from resources below:

Or you can create a discussion if you like.

Feel free to join this development, diverse opinions make software better!

1.3. Contributors ✨

Thanks goes to these wonderful people (emoji key):

Shinya Kato / εŠ θ—€ 真也
Shinya Kato / εŠ θ—€ 真也

πŸ’» πŸ“– 🎨 πŸ’‘ 🚧 ⚠️ βœ…
Mark O'Sullivan
Mark O'Sullivan

Abraham Williams
Abraham Williams

πŸ’» πŸ“– ⚠️

πŸ“– πŸ€”

This project follows the all-contributors specification. Contributions of any kind welcome!

1.4. Support ❀️

The simplest way to show us your support is by giving the project a star at GitHub and

You can also support this project by becoming a sponsor on GitHub:


1.5. License πŸ”‘

All resources of mastodon_oauth2 is provided under the BSD-3 license.

Copyright 2022 Kato Shinya. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided the conditions.

License notices in the source are strictly validated based on .github/header-checker-lint.yml. Please check header-checker-lint.yml for the permitted standards.

1.6. More Information 🧐

mastodon_oauth2 was designed and implemented by Kato Shinya (@myConsciousness).