Skip to main content



Prompts or redirects the user to login based on the uxMode defined in the constructor.

await openlogin.login(params);


  • params - LoginParams (optional) : The login options. Used to specify a type of login.

    • loginProvider - LOGIN_PROVIDER : The loginProvider name. Supported loginProviders are can be of any value given in LOGIN_PROVIDER. In future versions you can pass custom loginProvider apart from options given LOGIN_PROVIDER.

    • fastLogin - boolean(optional): If user was previously logged in to the same device and then setting fastLogin to true provides a way to login with webauthn directly without going through loginProvider authentication. By default it is false.

    • extraLoginOptions: ExtraLoginOptions(optional): You can pass various oauth supported options in this object.

    • redirectUrl : string(optional): Url where user will be redirected after successfull login. By default user will be redirected to same page where login will be initiated.

    • appState: string(optional): appState can be used to keep track of the app state when user will be redirected to app after login.


  • Promise<{privKey: string;}>; : Returns a promise which resolves to the object containing dapp scoped private key of the user.


type LoginParams = BaseRedirectParams & {  loginProvider: string;  fastLogin?: boolean;  relogin?: boolean;  skipTKey?: boolean;  getWalletKey?: boolean;  extraLoginOptions?: ExtraLoginOptions;};
type BaseRedirectParams = {  redirectUrl?: string;  appState?: string;};
const LOGIN_PROVIDER: {    readonly GOOGLE: "google";    readonly FACEBOOK: "facebook";    readonly REDDIT: "reddit";    readonly DISCORD: "discord";    readonly TWITCH: "twitch";    readonly APPLE: "apple";    readonly LINE: "line";    readonly GITHUB: "github";    readonly KAKAO: "kakao";    readonly LINKEDIN: "linkedin";    readonly TWITTER: "twitter";    readonly WEIBO: "weibo";    readonly WECHAT: "wechat";    readonly EMAIL_PASSWORDLESS: "email_passwordless";    readonly WEBAUTHN: "webauthn";};export declare type LOGIN_PROVIDER_TYPE = typeof LOGIN_PROVIDER[keyof typeof LOGIN_PROVIDER];export declare type CUSTOM_LOGIN_PROVIDER_TYPE = string & {    toString?: (radix?: number) => string;};
 interface BaseLoginOptions {    /**     * - `'page'`: displays the UI with a full page view     * - `'popup'`: displays the UI with a popup window     * - `'touch'`: displays the UI in a way that leverages a touch interface     * - `'wap'`: displays the UI with a "feature phone" type interface     */    display?: "page" | "popup" | "touch" | "wap" | string;    /**     * - `'none'`: do not prompt user for login or consent on reauthentication     * - `'login'`: prompt user for reauthentication     * - `'consent'`: prompt user for consent before processing request     * - `'select_account'`: prompt user to select an account     */    prompt?: "none" | "login" | "consent" | "select_account" | string;    /**     * Maximum allowable elasped time (in seconds) since authentication.     * If the last time the user authenticated is greater than this value,     * the user must be reauthenticated.     */    max_age?: string | number;    /**     * The space-separated list of language tags, ordered by preference.     * For example: `'fr-CA fr en'`.     */    ui_locales?: string;    /**     * Previously issued ID Token.     */    id_token_hint?: string;    /**     * The user's email address or other identifier. When your app knows     * which user is trying to authenticate, you can provide this parameter     * to pre-fill the email box or select the right session for sign-in.     *     * This currently only affects the classic Lock experience.     */    login_hint?: string;    acr_values?: string;    /**     * The default scope to be used on authentication requests.     * The defaultScope defined in the Auth0Client is included     * along with this scope     */    scope?: string;    /**     * The default audience to be used for requesting API access.     */    audience?: string;    /**     * The name of the connection configured for your application.     * If null, it will redirect to the Auth0 Login Page and show     * the Login Widget.     */    connection?: string;    /**     * If you need to send custom parameters to the Authorization Server,     * make sure to use the original parameter name.     */    [key: string]: unknown;}
interface ExtraLoginOptions extends BaseLoginOptions {    /**     * Your Auth0 account domain such as `''`,     * `''` or , `''`     * (when using [custom domains](     */    domain: string;    /**     * The Client ID found on your Application settings page     */    client_id?: string;    /**     * The default URL where Auth0 will redirect your browser to with     * the authentication result. It must be whitelisted in     * the "Allowed Callback URLs" field in your Auth0 Application's     * settings. If not provided here, it should be provided in the other     * methods that provide authentication.     */    redirect_uri?: string;    /**     * The value in seconds used to account for clock skew in JWT expirations.     * Typically, this value is no more than a minute or two at maximum.     * Defaults to 60s.     */    leeway?: number;    /**     * The field in jwt token which maps to verifier id     */    verifierIdField?: string;    /**     * Whether the verifier id field is case sensitive     * @default true     */    isVerifierIdCaseSensitive?: boolean;}


const privKey = await openlogin.login();/** Once user is loggedIn privKey will be available on all OpenLogin class instances.* If you need to get privKey on a different page. You can simply reinitialize openlogin instance* and get the  private key using privKey state variable of openlogin class. You don't need to* trigger login again.* For ex: await openlogin.init();* const privKey = openlogin.privKey;*/
const privKey = await openlogin.login({      extraLoginOptions: {        login_hint: email,      },      loginProvider: "email_passwordless",      redirectUrl: ``,});


Logs the user out of openlogin. Requires that a user is logged in already.

await openlogin.logout(params);


  • params - Partial<BaseLogoutParams> & Partial<BaseRedirectParams> (optional) : The logout options.

    • fastLogin - boolean(optional): If fastLogin is passed as true then user can relogin again by just using webauthn url, else user will be completely logged out and has to go through loginProvider authentication.

    • redirectUrl : string(optional): Url where user will be redirected after successfull logout.

    • appState: string(optional): appState can be used to keep track of the app state when user will be redirected to app after logout.


type BaseLogoutParams = {  clientId: string;  fastLogin: boolean;};
type BaseRedirectParams = {  redirectUrl?: string;  appState?: string;};


  • Promise<void> : Returns a promise which resolves to void.


await openlogin.logout();
await openlogin.logout({ fastLogin: true });