Login with custom auth

INFO

Before following the instructions below, you must first configure your app in the Privy Developer Dashboard to use custom auth, per these instructions.

Privy's embedded wallets are fully-compatible with any authentication provider that supports JWT-based, stateless authentication. If you're looking to add embedded wallets to your app, you can use a custom authentication provider.

If your app uses a custom provider to authenticate your user, you will need to initialize a session with Privy in order to provision embedded wallets for that user.

1. Initialize Privy using a callback to get the user's access token

First, initialize the Privy SDK with a tokenProvider callback to get the user's access token.

This suspending lambda should return the current user's access token from your custom authentication provider as a String?. If the user is not authenticated, this lambda should return null.

private val privy: Privy =
   Privy.init(  
       context = applicationContext, // be sure to only pass in Application context
       config = PrivyConfig( 
           appId = "YOUR_APP_ID",
           appClientId = "YOUR_APP_CLIENT_ID",
           logLevel = PrivyLogLevel.NONE,
           customAuthConfig = LoginWithCustomAuthConfig( 
             tokenProvider = { 
               // Return users access token if user is authenticated
               // Or return null if user is unauthenticated
               "access_token"
             } 
           ) 
       ),
   )

// Token Provider definition
public typealias TokenProvider = suspend () -> String?

INFO

When the Privy SDK is first initialized, Privy will attempt to restore a prior session, if it exists. If it does, Privy automatically attempts to reauthenticate the user using the tokenProvider you provide. This is why it's important to await ready before triggering any other Privy flows.

You may also call loginWithCustomAccessToken, as shown below to manually trigger the login flow.

2. Authenticate your user

Once you have initialized Privy with a tokenProvider callback, to authenticate your user with Privy, use the Privy SDK's privy.customAuth.loginWithCustomAccessToken method.

Internally, this triggers the tokenProvider callback to retrieve a custom access token and authenticate the user.

public interface LoginWithCustomAuth {
 /**
  * Attempts to log the user in using the access token retrieved from
  * `tokenProvider` set at Privy initialization.
  *
  * @return A `Result` type with the `PrivyUser` the login attempt was
  * successful, or a `Result.failure` otherwise.
  */
  public suspend fun loginWithCustomAccessToken(): Result<PrivyUser>
}

If the provided access or identity token is invalid, loginWithCustomAccessToken will return Result.failure. If the token is valid, Privy will successfully authenticate your user and loginWithCustomAccessToken will return Result.success with an encapsulated PrivyUser.

Example:

val privyLoginResult = privy.customAuth.loginWithCustomAccessToken()

privyLoginResult.fold(
  onSuccess = { user ->
    Log.d("Privy","Privy login success! User: ${user}")
  },
  onFailure = { error ->
    Log.d("Privy","Privy login failure! $error")
  },
)

Once your user is authenticated, you have access to the PrivyUser.

Privy identifies your user based on the unique ID that your auth provider has assigned the user, which is stored as the sub claim of their access token. You can view all users in the Users section of the Privy Developer Dashboard.