Skip to main content
Abstract Interface Class Authentication sub-client — email OTP, OAuth, wallet sign-in, and session lifecycle. Exposed on CrossmintClient.auth.
Observable via state (immediate), stateListenable (Flutter ValueListenable), or states (Stream). Call restoreSession on app startup (once CrossmintClient.initialize has completed) so any persisted JWT can hydrate before the first frame.

Properties

state

The current auth state snapshot.

stateListenable

Reactive handle on state — suitable for ValueListenableBuilder.

states

Stream of auth-state changes. Emits on every state mutation.

Methods

restoreSession

Reads any persisted session from CrossmintAuthStorage and applies it to the client. Safe to call once per app launch — prefer using the result of CrossmintClient.initialize which calls this internally.

loginWithOAuth

Opens the Crossmint-hosted OAuth flow for provider (Google, Twitter, etc.). The response comes back through CrossmintAuthCallbackRouter — make sure it is started before calling this.

sendEmailOtp

Requests the Crossmint API to send an email OTP to email. Returns a challenge that confirmEmailOtp completes.

confirmEmailOtp

Submits an email OTP challenge — pass the emailId from the challenge and the token the user entered. Returns true on success.

completeOAuth

Completes an OAuth flow from a deep-link callback URI. Normally invoked by CrossmintAuthCallbackRouter; call directly only for custom routing.

completeOAuthWithOneTimeSecret

Completes an OAuth flow from a one-time secret (SSR / server-mediated callbacks). Returns true on success.

signInWithWallet

Starts wallet-based authentication. Returns a challenge that the wallet must sign. type is 'evm' or 'solana'.

authenticateWallet

Completes wallet-based authentication with the signed challenge.

getSession

Returns the current session (JWT + metadata), or null if not signed in. Does not hit the network — reads from in-memory state.

getUser

Returns the authenticated user’s profile. Caches the result; pass forceRefresh: true to bypass the cache and refetch.

logout

Signs the user out — clears persisted storage, cached session/user, and POSTs to the Crossmint (or custom) logout endpoint.

setJwt

Sets a custom JWT for “Bring Your Own Auth” (BYOA) flows.