๐ฑ Mobile App Integration Track โ
Source:
en/tracks/mobile.mdยท Live: https://docs.1pass.dev/en/tracks/mobile LLM-sanitized: internal links absolutized, VitePress containers โ admonitions, line numbers in the Jump-to Index reference this rendered file (1-indexed).
๐ Jump-to Index โ
- L29-L37: ## The four core promises
- L38-L45: ## Step 1 ยท Register the app
- L46-L97: ## Step 2 ยท Platform quickstart
- L48-L83: ### iOS โ LogiAuth Swift Package (recommended)
- L84-L97: ### Other platforms
- L98-L104: ## Step 3 ยท Avoid the mobile-specific pitfalls
- L105-L114: ## Step 4 ยท Pre-build checks
- L115-L123: ## Common reference (track-agnostic)
- L124-L131: ## Hand the whole thing to an AI
๐ฑ Mobile App Integration Track โ
The fastest path to integrating logi in iOS, Android, Flutter, and React Native native apps.
๐ก Tip: Is this the right track?
- โ Yes: a native app users install from an app store
- โ Web โ ๐ Web Integration Track
- โ Machine-to-machine / CLI โ ๐ง API ยท CLI Track
The four core promises โ
- Public client + PKCE are required. Never hardcode
client_secretinto a mobile app. - Use a single custom-scheme redirect_uri โ for example,
com.example.app://oauth/1pass/callback. - App-to-app first, in-app browser fallback โ works even when the user arrives from an in-app browser like KakaoTalk or Naver.
- Keep the app RP and the web RP separate โ don't mix mobile and web redirects under the same
client_id. Details: Common / Public Clients ยท One RP per surface
Step 1 ยท Register the app โ
Register one RP with client_type: public. You can do this from the console or the API.
- App registration guide โ console UI walkthrough
- Public Clients (PKCE-only) โ API registration + redirect_uri policy
- Choosing Public vs Confidential โ which one to pick
Step 2 ยท Platform quickstart โ
iOS โ LogiAuth Swift Package (recommended) โ
On iOS, the official Swift SDK LogiAuth handles PKCE, ASWebAuthenticationSession, the in-app escape, and keychain storage for you. Reach for the SDK before you roll your own.
// Package.swift
.package(url: "https://github.com/dcode-co/logi-auth-swift.git", from: "0.2.0"),
// App.swift
import LogiAuth
@main
struct MyApp: App {
init() {
LogiAuth.configure(LogiAuthConfig(
clientId: "logi_xxx",
redirectURI: URL(string: "myapp://oauth/1pass/callback")!
))
}
var body: some Scene {
WindowGroup {
ContentView()
.onOpenURL { url in _ = LogiAuth.handle(url) }
}
}
}
// anywhere
let result = try await LogiAuth.signIn()Don't forget .onOpenURL { url in _ = LogiAuth.handle(url) } โ the SDK receives the login callback there and completes the token exchange.
For full integration and error classification โ Swift quickstart
Other platforms โ
Follow the single page for your stack. The rest are mirrors of the same pattern.
| Stack | Guide | SDK / library |
|---|---|---|
| iOS (Swift) | integrations/swift | LogiAuth 0.1.2 (recommended) ยท or roll your own ASWebAuthenticationSession + CryptoKit |
| Android (Kotlin) | integrations/android | LogiAuth Kotlin SDK (recommended) ยท or hand-rolled Custom Tabs + DataStore + Keystore |
| Flutter | integrations/flutter | flutter_web_auth_2 + flutter_secure_storage |
| React Native | integrations/react-native | react-native-app-auth + react-native-keychain |
โน๏ธ Note: Storing credentials separately on Android The Android (Kotlin) โ Canonical/Merge page covers
canonical_sub/linked_subshandling and the pattern for storing credentials separately. For a new integration, read it after you finish the Step 2 guide.
Step 3 ยท Avoid the mobile-specific pitfalls โ
- Universal Links integration guide โ registering iOS Universal Links and Android App Links
- Escaping the in-app browser โ when OAuth is blocked inside the KakaoTalk, Naver, or Facebook in-app browser
- Refresh token rotation policy โ rotation-interval differences between Apple Sign In and Google
- First-login completion form โ pattern for collecting your own extra info (role/org) once
Step 4 ยท Pre-build checks โ
- RP integration testing โ verification steps for both the simulator and a real device
- Demo page walkthrough โ compare against the reference implementation code
demo.1pass.dev/oauthโ mobile PKCE end-to-end walking sample (scenario deep-links)demo.1pass.dev/iosโ iOS native (after install) โ Universal Link first-try + Swift SDKdemo.1pass.dev/app-clipโ iOS App Clip (before install) โ card login via QR scandemo.1pass.dev/androidโ Android native โ Intent setPackage first-try + Custom Tabs fallback- Self-diagnosis โ
/diagnoseโ check registration, redirect_uri, and scopes
Common reference (track-agnostic) โ
- Authorization Code Flow ยท PKCE ยท Scope reference
- Error codes ยท Response headers
- Security best practices (RP side)
- Login button components
Hand the whole thing to an AI โ
Paste @/llms-full.txt into Claude Code, Cursor, or Codex, then say:
"Integrate logi 1pass as an RP into my [iOS Swift / Flutter / Android Kotlin / RN] app, using a public client + PKCE."
โ It generates the quickstart, env, redirect_uri registration, and callback handler automatically.