Sayari OAuth Flutter SDK

Reusable Flutter helpers for integrating Sayari Account login into mobile and desktop apps.

Features

  • builds the Sayari authorize URL
  • generates and manages PKCE values
  • parses deep-link callbacks
  • prepares the backend exchange payload
  • launches the authorization flow
  • supports optional loginHint prefill

Install

Add the package to your pubspec.yaml:

dependencies:
  sayari_oauth_flutter_sdk:
    path: ../sayari_oauth_flutter_sdk

Or depend on the published pub.dev version.

Quick Start

import 'package:sayari_oauth_flutter_sdk/sayari_oauth_flutter_sdk.dart';

final config = SayariOAuthConfig(
  appId: 'YOUR_APP_ID',
  authorizeUrl: 'https://accounts.sayarisoftware.com/oauth/authorize',
  tokenUrl: 'https://accounts-api.sayarisoftware.com/api/v1/oauth/token',
  redirectUri: 'myapp://auth/callback',
  providerOrigin: 'https://accounts.sayarisoftware.com',
  backendBaseUrl: 'https://your-backend.example.com',
  appName: 'My Flutter App',
);

final sdk = SayariOAuthFlutterSdk(config);
final pkce = sdk.createPkce();

await sdk.launchAuthorize(
  pkce: pkce,
  loginHint: 'name@example.com',
);

Typical Flow

  1. Create a SayariOAuthConfig.
  2. Generate PKCE with createPkce().
  3. Launch the Sayari authorization flow.
  4. Receive the deep-link callback.
  5. Validate the callback state.
  6. Send the authorization code to your backend.
  7. Exchange the code with Sayari on your backend.

Core API

SayariOAuthConfig

Defines the app registration and Sayari endpoints.

Required:

  • appId
  • authorizeUrl
  • tokenUrl
  • redirectUri
  • providerOrigin

Optional:

  • appName
  • appIcon
  • backendBaseUrl
  • scope
  • loginHint

SayariPkce

Creates PKCE values for the authorization flow.

final pkce = SayariPkce.generate();

SayariOAuthTransaction

Keeps one login attempt together and helps guard against replaying the same callback.

SayariOAuthClient

Lower-level helpers for:

  • building the authorize URI
  • launching the flow
  • parsing the callback
  • building the backend exchange payload
  • posting the exchange request

SayariOAuthFlutterSdk

The main entrypoint for most Flutter apps.

Backend Exchange Payload

The SDK builds a payload like this:

{
  "grantType": "authorization_code",
  "code": "authorization_code_from_deep_link",
  "redirectUri": "myapp://auth/callback",
  "appId": "YOUR_APP_ID",
  "codeVerifier": "original_pkce_verifier",
  "state": "original_state"
}

Your backend should exchange that code with Sayari and create the app session.

Notes

  • The user still signs in to Sayari Account.
  • loginHint is optional and only pre-fills the Sayari login identity.
  • The redirectUri used at authorize time and exchange time must match exactly.
  • The same authorization code should only be exchanged once.
  • The SDK is designed to work with your own backend session logic.

Example App

This package includes a publishable example app under example/.

It demonstrates:

  • loading the SDK config
  • building and launching the Sayari authorize URL
  • handling the deep-link callback
  • exchanging the code with a backend
  • displaying the returned session summary

Dependencies

  • app_links
  • crypto
  • http
  • url_launcher

Best For

Use this package when you want to add Sayari OAuth to:

  • Flutter mobile apps
  • desktop apps
  • internal tools
  • reusable client libraries

Libraries

sayari_oauth_flutter_sdk