Docs

InAppWallet.Create

Create an instance of InAppWallet using a user's email, phone number or OAuth. This wallet type facilitates secure user authentication through OTP verification, making it suitable for client-facing applications where handling private keys directly is not ideal.

Usage

// Email version
var wallet = await InAppWallet.Create(client: client, email: "userEmail");
// Phone number version
var wallet = await InAppWallet.Create(client: client, phoneNumber: "+1234567890");
// Google, Apple, Facebook, etc.
var wallet = await InAppWallet.Create(client: client, authprovider: AuthProvider.Google);

OTP Authentication Flow

The OTP authentication flow involves sending an OTP to the user's email or phone and then verifying the OTP to complete authentication:

Send OTP: Initiate the login process by calling SendOTP on the InAppWallet instance. This sends an OTP to the user's email or phone number.

await wallet.SendOTP();

Submit OTP: Once the user receives the OTP, they submit it back to the application, which then calls SubmitOTP on the InAppWallet instance to verify the OTP and complete the login process.

var (address, canRetry) = await wallet.SubmitOTP("userEnteredOTP");
if (address != null) {
    // Login successful
} else if (canRetry) {
    // Ask user to retry entering OTP
}

Example

Here's an example of creating an InAppWallet with a user's email and completing the OTP authentication flow:

// Create InAppWallet wallet as signer to unlock web2 auth
var inAppWallet = await InAppWallet.Create(client: client, email: "[email protected]"); // or email: null, phoneNumber: "+1234567890"
 
// Resume session (if `InAppWallet` wallet was not logged in)
if (!await inAppWallet.IsConnected())
{
    await inAppWallet.SendOTP();
    Console.WriteLine("Please submit the OTP.");
    var otp = Console.ReadLine();
    (var inAppWalletAddress, var canRetry) = await inAppWallet.SubmitOTP(otp);
    if (inAppWalletAddress == null && canRetry)
    {
        Console.WriteLine("Please submit the OTP again.");
        otp = Console.ReadLine();
        (inAppWalletAddress, _) = await inAppWallet.SubmitOTP(otp);
    }
    if (inAppWalletAddress == null)
    {
        Console.WriteLine("OTP login failed. Please try again.");
        return;
    }
}
 
Console.WriteLine($"InAppWallet address: {await inAppWallet.GetAddress()}");
 
// Sign a message
var message = "Hello, Thirdweb!";
var signature = await wallet.PersonalSign(message);
Console.WriteLine($"Signature: {signature}");

Note: InAppWallet leverages the security of OTP-based authentication to ensure a secure and user-friendly experience in blockchain applications.

OAuth Authentication Flow

LoginWithOauth: Initiate the login process by calling LoginWithOauth on the InAppWallet instance. This redirects the user to the OAuth provider's login page.

// Windows console app example
var address = await inAppWallet.LoginWithOauth(
    isMobile: false,
    browserOpenAction: (url) =>
    {
        var psi = new ProcessStartInfo { FileName = url, UseShellExecute = true };
        _ = Process.Start(psi);
    },
);
// Godot standalone example
var address = await ThirdwebManager.Instance.InAppWallet.LoginWithOauth(
        isMobile: OS.GetName() == "Android" || OS.GetName() == "iOS",
        browserOpenAction: (url) => OS.ShellOpen(url),
        mobileRedirectScheme: "thirdweb://"
);

Example

Here's an example of creating an InAppWallet using OAuth.

// Create InAppWallet wallet as signer to unlock web2 auth
var inAppWallet = await InAppWallet.Create(client: client, authprovider: AuthProvider.Google);
 
// Resume session (if `InAppWallet` wallet was not logged in)
if (!await inAppWallet.IsConnected())
{
    try {
        var address = await inAppWallet.LoginWithOauth(
            isMobile: false,
            browserOpenAction: (url) =>
            {
                var psi = new ProcessStartInfo { FileName = url, UseShellExecute = true };
                _ = Process.Start(psi);
            },
        );
        Console.WriteLine($"OAuth login successful. InAppWallet address: {address}");
    } catch (Exception ex) {
        Console.WriteLine($"OAuth login failed: {ex.Message}");
        return;
    }
}

Note: The LoginWithOauth API allows for custom browser handling, making it suitable for various application types and platforms.