π± Mobile App Integration Track β
The fastest path to integrating logi in iOS, Android, Flutter, and React Native native apps.
Is this the right track?
- β Yes: a native app users install from an app store
- β Web β π Web Integration Track
- β Machine-to-machine / CLI β π§ API Β· CLI Track
The four core promises β
- Public client + PKCE are required. Never hardcode
client_secretinto a mobile app. - Use a single custom-scheme redirect_uri β for example,
com.example.app://oauth/1pass/callback. - App-to-app first, in-app browser fallback β works even when the user arrives from an in-app browser like KakaoTalk or Naver.
- Keep the app RP and the web RP separate β don't mix mobile and web redirects under the same
client_id. Details: Common / Public Clients Β· One RP per surface
Step 1 Β· Register the app β
Register one RP with client_type: public. You can do this from the console or the API.
- App registration guide β console UI walkthrough
- Public Clients (PKCE-only) β API registration + redirect_uri policy
- Choosing Public vs Confidential β which one to pick
Step 2 Β· Platform quickstart β
iOS β LogiAuth Swift Package (recommended) β
On iOS, the official Swift SDK LogiAuth handles PKCE, ASWebAuthenticationSession, the in-app escape, and keychain storage for you. Reach for the SDK before you roll your own.
// Package.swift
.package(url: "https://github.com/dcode-co/logi-auth-swift.git", from: "0.2.0"),
// App.swift
import LogiAuth
@main
struct MyApp: App {
init() {
LogiAuth.configure(LogiAuthConfig(
clientId: "logi_xxx",
redirectURI: URL(string: "myapp://oauth/1pass/callback")!
))
}
var body: some Scene {
WindowGroup {
ContentView()
.onOpenURL { url in _ = LogiAuth.handle(url) }
}
}
}
// anywhere
let result = try await LogiAuth.signIn()Don't forget .onOpenURL { url in _ = LogiAuth.handle(url) } β the SDK receives the login callback there and completes the token exchange.
For full integration and error classification β Swift quickstart
Other platforms β
Follow the single page for your stack. The rest are mirrors of the same pattern.
| Stack | Guide | SDK / library |
|---|---|---|
| iOS (Swift) | integrations/swift | LogiAuth 0.1.2 (recommended) Β· or roll your own ASWebAuthenticationSession + CryptoKit |
| Android (Kotlin) | integrations/android | LogiAuth Kotlin SDK (recommended) Β· or hand-rolled Custom Tabs + DataStore + Keystore |
| Flutter | integrations/flutter | flutter_web_auth_2 + flutter_secure_storage |
| React Native | integrations/react-native | react-native-app-auth + react-native-keychain |
Storing credentials separately on Android
The Android (Kotlin) β Canonical/Merge page covers canonical_sub / linked_subs handling and the pattern for storing credentials separately. For a new integration, read it after you finish the Step 2 guide.
Step 3 Β· Avoid the mobile-specific pitfalls β
- Universal Links integration guide β registering iOS Universal Links and Android App Links
- Escaping the in-app browser β when OAuth is blocked inside the KakaoTalk, Naver, or Facebook in-app browser
- Refresh token rotation policy β rotation-interval differences between Apple Sign In and Google
- First-login completion form β pattern for collecting your own extra info (role/org) once
Step 4 Β· Pre-build checks β
- RP integration testing β verification steps for both the simulator and a real device
- Demo page walkthrough β compare against the reference implementation code
demo.1pass.dev/oauthβ mobile PKCE end-to-end walking sample (scenario deep-links)demo.1pass.dev/iosβ iOS native (after install) β Universal Link first-try + Swift SDKdemo.1pass.dev/app-clipβ iOS App Clip (before install) β card login via QR scandemo.1pass.dev/androidβ Android native β Intent setPackage first-try + Custom Tabs fallback- Self-diagnosis β
/diagnoseβ check registration, redirect_uri, and scopes
Common reference (track-agnostic) β
- Authorization Code Flow Β· PKCE Β· Scope reference
- Error codes Β· Response headers
- Security best practices (RP side)
- Login button components
Hand the whole thing to an AI β
Paste @/llms-full.txt into Claude Code, Cursor, or Codex, then say:
"Integrate logi 1pass as an RP into my [iOS Swift / Flutter / Android Kotlin / RN] app, using a public client + PKCE."
β It generates the quickstart, env, redirect_uri registration, and callback handler automatically.