Question about using ServiceStack Authentication Flows from client apps like Flutter

[Ryan-Britton]

Hey there 😊,

Quick question about the best-practice flow for performing logins using the ServiceStack Auth Plugin. The most recent updates to ServiceStack have a demo showing a host of authentication/authorization-based functions where accessing an API endpoint (like http://local.servicestack.com/login) will provide a browser-based authentication flow to log users in (for instance), which is great.

What is the best practice when using a ServiceStack client from a non-web-based client (like Flutter running on iOS/Android for instance). Would it be preferable to complete the login using a client library (like google_sign_in or sign_in_with_apple) and then pass the authentication token to the "back end", or are the web flows intended to provide an alternative to these client packages)?

Is there an example of an authentication story using the ServiceStack Authentication Plugin and Flutter (via the Dart client) that I could take a look at?

[mythz]

There's no longer any ServiceStack Best Practices regarding how to use Auth, ServiceStack Blazor Apps are just ASP .NET Core 8 Apps so whatever solutions ASP.NET Core Apps exist should also work in the latest .NET 8 Blazor Templates.

The general idea is to copy the Identity Auth Cookie and from end of the OAuth Flow and use it to populate it on the service client.

We haven't updated our existing Mobile Apps yet to demonstrate this, but we'll look at getting to them in the near future.