InAppWallet.Create
Create an instance of InAppWallet
using a user's email, phone number or OAuth. This wallet type facilitates secure user authentication through OTP verification, making it suitable for client-facing applications where handling private keys directly is not ideal.
In-App Wallets support a variety of login methods:
- Email (OTP Login)
- Phone (OTP Login)
- Socials (Google, Apple, Facebook, Telegram, Farcaster, Line, Github, Twitch etc.)
- SIWE (Sign-In with Ethereum)
- Custom Auth (OIDC Compatible)
- Custom Auth (Generic Auth Endpoint)
- Guest (Onboard easily, link other accounts later)
Client-Side Use
This wallet is designed for client-side use in applications where direct access to the user's private keys is not safe or necessary. It leverages OTP for secure authentication, allowing users to interact with blockchain applications seamlessly.
The OTP authentication flow involves sending an OTP to the user's email or phone and then verifying the OTP to complete authentication:
Send OTP: Initiate the login process by calling SendOTP on the InAppWallet instance. This sends an OTP to the user's email or phone number.
Submit OTP: Once the user receives the OTP, they submit it back to the application, which then calls LoginWithOtp on the InAppWallet instance to verify the OTP and complete the login process.
Here's an example of creating an InAppWallet
with a user's email and completing the OTP authentication flow:
Note: InAppWallet leverages the security of OTP-based authentication to ensure a secure and user-friendly experience in blockchain applications.
LoginWithOauth: Initiate the login process by calling LoginWithOauth on the InAppWallet instance. This redirects the user to the OAuth provider's login page.
Here's an example of creating an InAppWallet
using OAuth.
Note: The LoginWithOauth
API allows for custom browser handling, making it suitable for various application types and platforms.
InAppWallet supports linking multiple authentication methods to a single user account. This feature enables users to access their account using different authentication methods, such as email, phone, or OAuth, without creating separate accounts for each method.