Skip to main content
Crossmint Auth is designed for staging and moving fast. For production applications, Crossmint strongly recommends connecting your own authentication provider for full control over user management. See the Bring Your Own Auth guide.
Crossmint Auth on Flutter is headless — there is no pre-built login modal. You build your own UI and call the SDK directly. This guide walks through both email OTP and OAuth login flows. Optional pre-built widgets are available via crossmint_flutter_ui.dart.

Before you start

Set up your project and get an API key.

Flutter Wallets Example

See a full working example with auth and wallets.
1

Install the SDK

Install the Crossmint Flutter SDK:
The SDK bundles the following dependencies:
2

Configure your deep link scheme

OAuth redirects require a deep link scheme so the browser can return to your app after login.Android — add to your AndroidManifest.xml:
android/app/src/main/AndroidManifest.xml
iOS — add to your Info.plist:
ios/Runner/Info.plist
Pass the same scheme to CrossmintClientConfig.appScheme.
3

Initialize the client

Initialize CrossmintClient and restore any persisted session on app launch.
lib/crossmint.dart
main.dart
Pass the API key via --dart-define when running the app:
4

Build the login screen

Use the CrossmintAuthClient to implement email OTP and OAuth login flows.

Email OTP Login

login_screen.dart

OAuth Login (Google, Twitter)

oauth_button.dart
The SDK handles platform differences automatically via CrossmintAuthCallbackRouter:
  • iOS: Uses url_launcher to open an in-app authentication session. The redirect URL is captured by the auth callback router via app_links.
  • Android: Opens the system browser. The OAuth provider redirects back to your app via the deep link scheme configured in AndroidManifest.xml.
The CrossmintAuthCallbackRouter listens for incoming deep links on both platforms and automatically completes the OAuth flow — no manual URL handling required.
5

Add logout and display user info

home_screen.dart

Auth State Values

The CrossmintAuthState provides the following status information:

Token Storage

By default, the SDK stores authentication tokens using flutter_secure_storage, which encrypts data at rest using the platform keychain (iOS) or keystore (Android). Tokens persist across app restarts and are protected by the device’s hardware-backed security. You can provide a custom storage implementation via CrossmintClientConfig.authStorage if you need a different storage backend. The SDK also provides InMemoryCrossmintAuthStorage for testing.

Differences from the React Native SDK

Moving to Production

Crossmint Auth is designed for staging and getting started quickly. For production applications, Crossmint strongly recommends migrating to your own authentication provider for full control over user management.
When you are ready to go to production, Crossmint recommends:
  1. Set up your own auth provider (Auth0, Firebase, Supabase, Stytch, etc.) and follow the Bring Your Own Auth guide to integrate it with Crossmint via JWT.
  2. Create a developer account on the production console.
  3. Create a production client API key on the API Keys page with the API scopes users.create, users.read, wallets.read.
  4. Configure JWT authentication for your auth provider in the Crossmint Console.

Next Steps

Flutter SDK Reference

Install and configure the Flutter SDK, then explore the full API reference

Bring Your Own Auth

Recommended for production — integrate your own auth provider via JWT

Webhooks

Get notified when a user signs up or updates their profile

Create Smart Wallets

Provision wallets automatically when users sign up