thirdwebDocs
GitHub

InAppWallet.Create

Create an instance of InAppWallet using a user's email, phone number or OAuth. This wallet type facilitates secure user authentication through OTP verification, making it suitable for client-facing applications where handling private keys directly is not ideal.

Login Methods

In-App Wallets support a variety of login methods:

  • Email (OTP Login)
  • Phone (OTP Login)
  • Socials (Google, Apple, Facebook, Telegram, Farcaster, Line, Github, Twitch etc.)
  • SIWE (Sign-In with Ethereum)
  • Custom Auth (OIDC Compatible)
  • Custom Auth (Generic Auth Endpoint)
  • Guest (Onboard easily, link other accounts later)

Usage

// Email
var wallet = await InAppWallet.Create(client: client, email: "userEmail");
// Phone
var wallet = await InAppWallet.Create(client: client, phoneNumber: "+1234567890");
// Google, Apple, Facebook, etc.
var wallet = await InAppWallet.Create(client: client, authProvider: AuthProvider.Google);
// SIWE
var wallet = await InAppWallet.Create(client: client, authProvider: AuthProvider.Siwe, siweSigner: anyExternalWallet);
// Custom Auth - JWT
var wallet = await InAppWallet.Create(client: client, authProvider: AuthProvider.JWT);
// Custom Auth - AuthEndpoint
var wallet = await InAppWallet.Create(client: client, authProvider: AuthProvider.AuthEndpoint);
// Guest Login
var wallet = await InAppWallet.Create(client: client, authProvider: AuthProvider.Guest);
 
// Session resuming supported for all methods
var isConnected = await wallet.IsConnected();
 
// If not connected, initiate login flow based on the auth provider you are using
 
// Email & Phone (OTP)
await wallet.SendOTP(); // and fetch the otp
var (address, canRetry) = await wallet.LoginWithOtp("userEnteredOTP");
 
// Socials (OAuth)
var address = await wallet.LoginWithOauth(
    // Windows console app example, adaptable to any runtime
    isMobile: false,
    browserOpenAction: (url) =>
    {
        var psi = new ProcessStartInfo { FileName = url, UseShellExecute = true };
        _ = Process.Start(psi);
    },
    mobileRedirectScheme: "myBundleId://"
);
 
// SIWE (Wallet)
var address = await siweWallet.LoginWithSiwe(chainId: 1);
 
// Custom Auth (JWT)
var address = await wallet.LoginWithCustomAuth(jwt: "myjwt", encryptionkey: "myencryptionkey");
 
// Custom Auth (AuthEndpoint)
var address = await wallet.LoginWithAuthEndpoint(payload: "mypayload", encryptionkey: "myencryptionkey");
 
// Guest Login (Easy onboarding)
var address = await wallet.LoginWithGuest();

OTP Authentication Flow

The OTP authentication flow involves sending an OTP to the user's email or phone and then verifying the OTP to complete authentication:

Send OTP: Initiate the login process by calling SendOTP on the InAppWallet instance. This sends an OTP to the user's email or phone number.

await wallet.SendOTP();

Submit OTP: Once the user receives the OTP, they submit it back to the application, which then calls LoginWithOtp on the InAppWallet instance to verify the OTP and complete the login process.

var (address, canRetry) = await wallet.LoginWithOtp("userEnteredOTP");
if (address != null) {
    // Login successful
} else if (canRetry) {
    // Ask user to retry entering OTP
}

Example

Here's an example of creating an InAppWallet with a user's email and completing the OTP authentication flow:

// Create InAppWallet wallet as signer to unlock web2 auth
var inAppWallet = await InAppWallet.Create(client: client, email: "email@email.com"); // or email: null, phoneNumber: "+1234567890"
 
// Resume session (if `InAppWallet` wallet was not logged in)
if (!await inAppWallet.IsConnected())
{
    await inAppWallet.SendOTP();
    Console.WriteLine("Please submit the OTP.");
    var otp = Console.ReadLine();
    (var inAppWalletAddress, var canRetry) = await inAppWallet.LoginWithOtp(otp);
    if (inAppWalletAddress == null && canRetry)
    {
        Console.WriteLine("Please submit the OTP again.");
        otp = Console.ReadLine();
        (inAppWalletAddress, _) = await inAppWallet.LoginWithOtp(otp);
    }
    if (inAppWalletAddress == null)
    {
        Console.WriteLine("OTP login failed. Please try again.");
        return;
    }
}
 
Console.WriteLine($"InAppWallet address: {await inAppWallet.GetAddress()}");
 
// Sign a message
var message = "Hello, Thirdweb!";
var signature = await wallet.PersonalSign(message);
Console.WriteLine($"Signature: {signature}");

Note: InAppWallet leverages the security of OTP-based authentication to ensure a secure and user-friendly experience in blockchain applications.

OAuth Authentication Flow

LoginWithOauth: Initiate the login process by calling LoginWithOauth on the InAppWallet instance. This redirects the user to the OAuth provider's login page.

// Windows console app example
var address = await inAppWallet.LoginWithOauth(
    isMobile: false,
    browserOpenAction: (url) =>
    {
        var psi = new ProcessStartInfo { FileName = url, UseShellExecute = true };
        _ = Process.Start(psi);
    },
);
// Godot standalone example
var address = await ThirdwebManager.Instance.InAppWallet.LoginWithOauth(
        isMobile: OS.GetName() == "Android" || OS.GetName() == "iOS",
        browserOpenAction: (url) => OS.ShellOpen(url),
        mobileRedirectScheme: "thirdweb://"
);

Example

Here's an example of creating an InAppWallet using OAuth.

// Create InAppWallet wallet as signer to unlock web2 auth
var inAppWallet = await InAppWallet.Create(client: client, authProvider: AuthProvider.Google);
 
// Resume session (if `InAppWallet` wallet was not logged in)
if (!await inAppWallet.IsConnected())
{
    try {
        var address = await inAppWallet.LoginWithOauth(
            isMobile: false,
            browserOpenAction: (url) =>
            {
                var psi = new ProcessStartInfo { FileName = url, UseShellExecute = true };
                _ = Process.Start(psi);
            },
        );
        Console.WriteLine($"OAuth login successful. InAppWallet address: {address}");
    } catch (Exception ex) {
        Console.WriteLine($"OAuth login failed: {ex.Message}");
        return;
    }
}

Note: The LoginWithOauth API allows for custom browser handling, making it suitable for various application types and platforms.

Unified Identity - Account Linking

InAppWallet supports linking multiple authentication methods to a single user account. This feature enables users to access their account using different authentication methods, such as email, phone, or OAuth, without creating separate accounts for each method.

Linking Accounts

var inAppWalletMain = await InAppWallet.Create(client: client, authProvider: AuthProvider.Google);
if (!await inAppWalletMain.IsConnected())
{
    _ = await inAppWalletMain.LoginWithOauth(
        isMobile: false,
        (url) =>
        {
            var psi = new ProcessStartInfo { FileName = url, UseShellExecute = true };
            _ = Process.Start(psi);
        },
        "thirdweb://",
        new InAppWalletBrowser()
    );
}
Console.WriteLine($"Main InAppWallet address: {await inAppWalletMain.GetAddress()}");
 
// Prepare Telegram
var socialWallet = await InAppWallet.Create(client: client, authProvider: AuthProvider.Telegram);
// Link Telegram
_ = await inAppWalletMain.LinkAccount(walletToLink: socialWallet,);
 
// Prepare Phone
var phoneWallet = await InAppWallet.Create(client: client, phoneNumber: "+1234567890");
_ = await phoneWallet.SendOTP();
var otp = Console.ReadLine();
// Link Phone
_ = await inAppWalletMain.LinkAccount(walletToLink: phoneWallet, otp: otp);

Getting Linked Accounts

List<LinkedAccount> linkedAccounts = await inAppWalletMain.GetLinkedAccounts();