페이지 이동경로
  • Docs>
  • Kakao Login>
  • Flutter

Kakao Login

Flutter

This document describes how to integrate Kakao Login APIs into your service with the Kakao SDK for Flutter.

To learn about each API in detail, refer to Concepts.

For a Kakao Login button, you can download the resources provided by Kakao or customize buttons according to your service user interface by referring to the Design Guide.

Before you begin

Before using Kakao Login APIs with the Flutter SDK,

  1. Complete the prerequisites.
  2. Add modules.
  3. Set Custom URL scheme.

Add modules

To use the features of Kakao Login, you need to add kakao_flutter_sdk_auth and kakao_flutter_sdk_user modules in pubspec.yaml by referring to Install SDK. After that, add the following libraries in your dart file.

import 'package:kakao_flutter_sdk_auth/kakao_flutter_sdk_auth.dart';
import 'package:kakao_flutter_sdk_user/kakao_flutter_sdk_user.dart';

Project Setting

To use the Kakao Login API on the native app service, you must set the Custom URL Scheme. See how to set up a project by device environment below.

Login

This API enables users to log in through Kakao Talk or their Kakao Account information.

For Kakao Login, the Flutter SDK provides the following methods:

Method Description Development guide
loginWithKakaoTalk() Launches Kakao Talk to enable users to log in with their Kakao Account linked to Kakao Talk. Login with Kakao Talk
loginWithKakaoAccount() Presents the Kakao Login page as a popup window where users input their Kakao Account ID and password for login. Login with Kakao Account
authorizeWithTalk() Enable users to log in with their Kakao Account linked to Kakao Talk through the redirection method.

IMPORTANT: For a web app, we highly recommend using the redirection method. For a native app, the redirection method is not supported.
Kakao Login through redirection for Web

To understand the login flow, see JavaScript > Understand login flow
authorize() Directs the Kakao Login page where users input their Kakao Account ID and password for login through the redirection method.

IMPORTANT: For a web app, we highly recommend using the redirection method. For a native app, the redirection method is not supported.
Kakao Login through redirection for Web

To understand the login flow, see Concepts > Step 1 in Login flow
IMPORTANT

If you develop a web app with the Flutter SDK, you must complete prerequisites for Web regardless of which method you use for Kakao Login.

Login with Kakao Talk

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Manage consent items
Advanced: Activate OpenID Connect(Optional)
Set Simple Signup(for Kakao Sync)
Required Required:
Required consent item

To allow users to log in with Kakao Talk, call the loginWithKakaoTalk() method that launches the Kakao Talk application and prompts the Consent screen asking for consent.

Parameter
Name Type Description Required
nonce String Parameter to strengthen security.
To prevent replay attacks, generate random strings and pass them as an argument.

IMPORTANT: Allowed to set only when you integrate Kakao Login with OpenID Connect.
X
Sample
// Login with Kakao Talk
try {
  OAuthToken token = await UserApi.instance.loginWithKakaoTalk();
  print('Login succeeds. ${token.accessToken}');
} catch (e) {
  print('Login fails. $e')
}

When a user consents, Kakao identifies the user with the user's Kakao Account information linked to Kakao Talk, and then issues tokens. The Flutter SDK provides the issued tokens through the OAuthToken class.

OAuthToken

The issued tokens are stored through the TokenManagerProvider class. The stored tokens are automatically added to the authorization header when calling the token-based APIs.

Name Type Description Required
accessToken String One of the tokens that authorizes you to call Kakao APIs and identifies users. O
expiresAt DateTime Validity period in seconds until the access token expires. O
refreshToken String One of the tokens that is used to gain new tokens.

IMPORTANT: Not included when using JavaScript app key
X
refreshTokenExpiresAt DateTime Validity period in seconds until the refresh token expires.

IMPORTANT: Not included when using JavaScript app key
X
scope List<String> List of scopes of user information to be retrieved with the issued access token. X
idToken String JSON Web Token that contain user's authentication information, encoded using Base64 algorithm.
For more details, refer to ID Token.

IMPORTANT: Only returned when you integrate Kakao Login with OpenID Connect.
If you call the Requesting additional consent API, only returned when openid is added to scope in the request.
X

* Deprecated 'accessTokenExpiresAt'. Instead, use 'expiresAt'.

Login with Kakao Account

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Manage consent items
Advanced: Activate OpenID Connect(Optional)
Set Simple Signup(for Kakao Sync)
Required Required:
Required consent item

To allow users to log in with Kakao Account, call the loginWithKakaoAccount() method that opens a web browser and prompts the Consent screen asking for consent.

Parameter
Name Type Description Required
prompts [Prompt] Used to request reauthentication by selecting whether to present an interactive UI.
- .login: Used to request reauthentication by presenting the Kakao Account Login screen to a user even though the default web browser already retains cookies about the user's login information through Kakao Account.
- .create: Used to prompt the Kakao Account sign-up page first. The Kakao Login consent screen will be present after signing up for Kakao Account.
X
nonce String Parameter to strengthen security.
To prevent replay attacks, generate random strings and pass them as an argument.

IMPORTANT: Allowed to set only when you integrate Kakao Login with OpenID Connect.
X
Sample
//  Login with Kakao Account
try {
  OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
  print('Login succeeds. ${token.accessToken}');
} catch (e) {
  print('Login fails. $e')
}

When a user consents, Kakao identifies the user through the user's Kakao Account cookie stored on the default web browser and then issues tokens through the OAuthToken class.

Advanced: Request reauthentication

You can request reauthentication regardless of a user's login status to enhance security. Set prompts to [Prompt.login] when you call loginWithKakaoAccount(). Then, the login screen is prompted even though a user has already been logged in on the same web browser on the device.

try {
  OAuthToken token = await UserApi.instance
    .loginWithKakaoAccount(prompts: [Prompt.login]);
  print('Login succeeds. ${token.accessToken}');
} catch (e) {
    print('Login fails. $e')
  }
Advanced: Log in after signing up for Kakao Account

You can request to prompt the Kakao Account sign-up page before Kakao Login. Set prompts to [Prompt.create] when you call loginWithKakaoAccount(). The Kakao Login consent screen will be present after signing up for Kakao Account.

try {
  OAuthToken token = await UserApi.instance
    .loginWithKakaoAccount(prompts: [Prompt.create]);
  print('Login succeeds. ${token.accessToken}');
} catch (e) {
    print('Login fails. $e')
  }

Kakao Login Sample

You can implement Kakao Login by combining 'Kakao Login with Kakao Talk' and 'Kakao Login with Kakao Account' together, as exemplified below. You can also use the isKakaoTalkInstalled() method to check if Kakao Talk has been installed on a user's device so that the user can log in with Kakao Talk.

// Login combination sample
try {
  bool talkInstalled = await isKakaoTalkInstalled();

  // If Kakao Talk has been installed, log in with Kakao Talk. Otherwise, log in with Kakao Account.
  OAuthToken token = talkInstalled
    ? await UserApi.instance.loginWithKakaoTalk()
    : await UserApi.instance.loginWithKakaoAccount();
  print('Login succeeds. ${token.accessToken}');
} catch (e) {
  print('Login fails. $e')
}

The code snippet below shows the logic of Kakao Login depending on whether Kakao Talk is installed and a user's action. You can see how to handle errors that may occur during the login process.

After a user initially installs Kakao Talk and does not complete app permission for Kakao Talk, the user can cancel to log in with Kakao Talk. In this case, the CANCELED error occurs. Thus, you need to implement the subsequent process after the user cancels the login, such as redirecting the user to the main page or going back to the previous page by referring to this code snippet.

// Login combination sample + Detailed error handling callback
bool talkInstalled = await isKakaoTalkInstalled();
// If Kakao Talk has been installed, log in with Kakao Talk. Otherwise, log in with Kakao Account.
if (talkInstalled) {
  try {
    OAuthToken token = await UserApi.instance.loginWithKakaoTalk();
    print('Login succeeded. ${token.accessToken}');
  } catch (e) {
    print('Login failed. $e');

    // After installing Kakao Talk, if a user does not complete app permission and cancels Login with Kakao Talk, skip to log in with Kakao Account, considering that the user does not want to log in.
    // You could implement other actions such as going back to the previous page.
    if (e is PlatformException && e.code == 'CANCELED') {
      return;
    }

    // If a user is not logged into Kakao Talk after installing Kakao Talk and allowing app permission, make the user log in with Kakao Account.
    try {
      OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
      print('Login succeeded. ${token.accessToken}');
    } catch (e) {
      print('Login failed. $e');
    }
  }
} else {
  try {
    OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
    print('Login succeeded. ${token.accessToken}');
  } catch (e) {
    print('Login failed. $e');
  }
}

Kakao Login through redirection for Web

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Set Redirect URI
Manage consent items
Advanced: Activate OpenID Connect(Optional)
Set Simple Signup(for Kakao Sync)
Required Required:
Required consent item

If you need to implement Kakao Login for a web environment by using the Flutter SDK, we recommend using the redirection method in web app development.

When you integrate Kakao Login with loginWithKakaoTalk() or loginWithKakaoAccount() that presents a pop-up window for a login, it may not work in a web environment because some web views do not allow pop-up windows.

To implement Kakao Login with the redirect method, you must:

  1. Check if Web platform and Redirect URI are registered.
  2. Request an authorization code in your service server by calling authorizeWithTalk() or authorize().
  3. Request the access token and refresh token with the authroization code recieved from the Kakao authorization server by using a REST API. See REST API > get tokens.
    IMPORTANT: You must use the REST API key when you request the tokens.
  4. Store the issued tokens in the Flutter SDK so that you can call the Kakao APIs with the tokens.
Get authorization code

Depending on the user environment where your web app is running, the isKakaoTalkInstalled() method returns a different boolean value. If a user attempts to log in via a web app on Android or iOS, isKakaoTalkInstalled() always returns true. Then, call the authorizeWithTalk() method that launches the Kakao Talk application and prompts the Consent screen asking for consent. Note that true does not guarantee that Kakao Talk is installed on the user's Android or iOS device. If Kakao Talk is not installed, the user is directed to a download page for Kakao Talk.

In other environments where your web app is running, such as Windows or Mac operating systems, isKakaoTalkInstalled() returns false. In this case, make the user log in with a Kakao Account by calling authorize().

bool talkInstalled = await isKakaoTalkInstalled();

if (talkInstalled) {
  // Login with Kakao Talk. If Kakao Talk is not installed, the download page is open.
  try {
    await AuthCodeClient.instance.authorizeWithTalk(
      redirectUri: '${REDIRECT_URI}',
    );
  } catch (error) {
    print('Login with Kakao Talk fails $error');
  }
} else {
  // Login with Kakao Account
  try {
    await AuthCodeClient.instance.authorize(
      redirectUri: '${REDIRECT_URI}',
    );
  } catch (error) {
    print('Login with Kakao Account fails. $error');
  }
}
Set tokens

To store the tokens issued from the Kakao authorization server into the token manager of the Flutter SDK, call the setToken() method.

// Change the token type to the type that can be used in SDK.
var tokenResponse = AccessTokenResponse.fromJson(response);
var token = OAuthToken.fromResponse(tokenResponse);

// Store tokens.
TokenManagerProvider.instance.manager.setToken(token);

Check token presence

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Required -

To check if a user has obtained an access token through Kakao Login, call the hasToken() method defined in the UserApi class. This API returns the presence of tokens as a boolean type.

Note that calling hasToken() to check the token presence does not ensure the user's login status.

Sample
if (await AuthApi.instance.hasToken()) {
  try {
    AccessTokenInfo tokenInfo = await UserApi.instance.accessTokenInfo();
    print('Succeeded in validating token ${tokenInfo.id} ${tokenInfo.expiresIn}');
  } catch (e) {
    if (e is KakaoException && e.isInvalidTokenError()) {
      print('Token has expired.')
    } else {
      print('Failed to retrieve token information.')
    }

    try {
      // Log in with Kakao Account
      OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
      print('Login succeeds. ${token.accessToken}');
    } catch (e) {
      print('Login fails. $e')
    }
  }
} else {
  print('There is no token.');
    try {
      OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
      print('Login succeeds. ${token.accessToken}');
    } catch (e) {
      print('Login fails. $e')
    }
}

If the user has a valid access token, hasToken() returns the token information through the AccessTokenInfo class. Then, you can call the token-based APIs with the user's access token.

If false is returned, it means that the token is not valid, so you cannot retrieve the token information. For this case, implement a process for the user to log in to obtain tokens and the error handling process.

AccessTokenInfo
Name Type Description Required
id Int Service user ID. X
expiresIn Int Validity period in seconds until the access token expires. O
appId Int App ID that an access token has been issued for. O

Logout

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Required -

To enable a user to log out, call the logout() method in the UserApi class. Then, the access and refresh token issued through the login process is deleted, and the user is logged out.

Sample
// Logout
try {
  await UserApi.instance.logout();
  print('Logout succeeds. Tokens are deleted from SDK.');
} catch (e) {
  print('Logout fails. Tokens are deleted from SDK.')
}

Regardless of the result of the logout request, the Flutter SDK deletes the access token and refresh token so that the login session expires.

Unlink

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Required -

To unlink a user's Kakao Account from a service app, call the unlink() method in the UserApi class.

Sample
/// Unlink current user from the app.
try {
  await UserApi.instance.unlink();
  print('Unlink succeeds. Tokens are deleted from SDK.');
} catch (e) {
  print('Unlink fails.')
}

If the request is successful, the session between an app and a user is disconnected, and the user is logged out as the issued access token and refresh token are deleted.

Retrieve token information

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Required -

To retrieve the token information of the user who is currently logged in, call the accessTokenInfo() method in the UserApi class. To check the validity of the tokens only, use this API rather than retrieving all user information.

Sample
// Retrieving token information
try {
  AccessTokenInfo tokenInfo = await UserApi.instance.accessTokenInfo();
  print('Succeeded in retrieving token information\nService user ID: ${tokenInfo.id}\nValidity period: ${tokenInfo.expiresIn} seconds');
} catch (e) {
  print('Failed to retrieve token information.')
}

If the request is successful, accessTokenInfo() returns the token information through the AccessTokenInfo class. If the access token expires, the access token is refreshed and new token information is returned.

You cannot trust the token information on the client side because it may expire if

  • User changes the Kakao Account password and invalidates tokens
  • User unlinks from your app

Retrieve user information

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Manage consent items
Required Required:
All consent items to request user information

IMPORTANT

To retrieve user data, you must set consent items and obtain user's consent for the data that your service needs. If a user does not consent, you cannot get the user data. To check which a user has already agreed, you can call the Retrieving consent details API and check the agreed scopes first.

To retrieve the information of the user who is currently logged in, call the me() method in the UserApi class.

Sample

Here is an example of retrieving user information — Service user ID, email, nickname and profile thumbnail image URI.

// Retrieving user information
try {
  User user = await UserApi.instance.me();
  print('Succeeded in retrieving user information'
        '\nService user ID: ${user.id}'
        '\nEmail: ${user.kakaoAccount?.email}'
        '\nNickname: ${user.kakaoAccount?.profile?.nickname}'
        '\nProfile Thumbnail Image URI: ${user.kakaoAccount?.profile?.thumbnailImageUrl}');
} catch (e) {
  print('Failed to retrieve user information');
}

me() returns the user information through the User class.

User
Name Type Description Required
id Int Service user ID. O
hasSignedUp Bool Only returned when the Auto-link setting is disabled.
Whether the user is completely linked with (signed up) your app.
false: Preregistered
true: Registered
X
connectedAt DateTime The time when the user is linked with a service in UTC*. X
synchedAt DateTime The time when the user is logged in through Kakao Sync Simple Signup in UTC*.
This value is only passed for Kakao Sync service users. In this case, its value is the same as connected_at.
X
properties Map<String, String> Additional user information saved on the Kakao platform to use it later.
Refer to Prerequisites > Manage user properties.
X
kakaoAccount Account Kakao Account information.
To see what user data you can get, refer to User information included in Kakao Account.
X

* The time is based on Coordinated Universal Time(UTC), being 9 hours behind Korean Standard Time(KST). For the format of time, refer to RFC3339: Date and Time on the Internet.

Ensure that you need to handle exceptions for the following cases in which you cannot get the user information:

  • If you do not enable the consent item for some user information.
  • If a user has not agreed to provide the user information to the third-party service.
  • If a user has not provided the user information to Kakao.

Retrieve shipping address

Basic information
Permission Prerequisite Kakao Login User consent
Required:
Consent item
Register platforms
Activate Kakao Login
Manage consent items
Required Required:
Shipping information

To retrieve shipping address,

  • You must enable the 'Shipping information (shipping_address)' scope.
  • Users must consent to the scope. If a user does not consent, you cannot get the user data even though you enabled the scope.

The shipping_address scope is inactivated by default. To set the scope to 'Optional consent', connect your app to a Biz Channel. If your service must get users' shipping addresses, set the scope to 'Required consent' by going through the Review for Provision of Personal Information provided by Kakao Sync.

To retrieve a user's shipping addresses, call the shippingAddresses() method defined in the UserApi class. You can also pass the following parameters.

Parameter
Name Type Description Required
fromUpdatedAt DateTime If multiple shipping addresses are returned through multiple pages, only the shipping addresses that are changed after fromUpdateAt time return.
The last shipping address on the previous page is used for an input value for the next page.
If set to 0, shipping addresses are retrieved from the beginning.
X
pageSize Int Number of (two or more) shipping addresses displayed on a page.
(Default: 10)
X
Sample
UserShippingAddresses userShippingAddress;
try {
  userShippingAddress = await UserApi.instance.shippingAddresses();
} catch (e) {
  print('Failed to retrieve shipping address.');
  return;
}

if (userShippingAddress.shippingAddresses != null) {
  print('Succeeded in retrieving shipping addresses. \nService user ID: ${userShippingAddress.userId}\nShipping addresses: \n${userShippingAddress.shippingAddresses?.join('\n')}');
} else if (!userShippingAddress.needsAgreement) {
  print('User account does not have a shipping address. If required, select [Provision after collecting information] option in [My Application] > [Kakao Login] > [Consent items]');
} else if (userShippingAddress.needsAgreement) {
  print('You must obtain consent to providing shipping address from a user.');

  List<String> scopes = ['shipping_address'];

  // Request consent to providing shipping addresses
  OAuthToken token;
  try {
    token = await UserApi.instance.loginWithNewScopes(scopes);
    print('allowed scopes: ${token.scopes}');
  } catch (e) {
    print('Failed to get consent to providing shipping address.');
  }

  try {
    UserShippingAddresses userShippingAddresses = await UserApi.instance.shippingAddresses();
    print('Succeeded in retrieving shipping address. \nService user ID: ${userShippingAddresses.userId}\n${userShippingAddresses.shippingAddresses?.join('\n')}');
  } catch (e) {
    print('Failed to retrieve shipping address.');
  }
}

shippingAddresses() returns the UserShippingAddresses object.

UserShippingAddresses
Name Type Description Required
userId Int Service user ID of a user who requested shipping addresses. X
shippingAddresses List<ShippingAddress> List of shipping addresses that the user added.
The default shipping address is displayed on the uppermost, and the rest addresses are sorted by last updated date in decending order.
X
needsAgreement Bool Whether consent to shipping addresses is required. O
ShippingAddress
Name Type Description Required
id Int Shipping address ID. O
name String Shipping address name. X
isDefault Bool Whether the shipping address is a default address or not. O
updatedAt DateTime The time when a user updated the shipping address. X
type String Shipping address type.
- OLD: Administrative address
- NEW : Road name address.
X
baseAddress String Base address that is automatically input when searching for a zipcode. X
detailAddress String Detailed address that a user adds to the base address. X
receiverName String Recipient name. X
receiverPhoneNumber1 String Recipient phone number. X
receiverPhoneNumber2 String Additional recipient phone number. X
zoneNumber String New type of 5-digit postal code for a road name address system.
Required for the road name address system.
X
zipCode String Old type of 6-digit postal code for an administrative address system.
Optional for the administrative address system because some old type of addresses may not have a zip code.
X

Store user information

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Manage user properties
Required -

You can store or update the additional user information needed for your service. Call the updateProfile() method in the UserApi class. You must pass the custom property keys and values that you want to upadate through properties in a key-value pair. For example, if you want to update a user's clothing size, set properties to {'clothing_size': 'small'}.

Parameter
Name Type Description Required
properties Map<String, String> User information to be updated.
Check the property keys of user information that you want to update in [My Application] > [User Properties] by referring to Manage user properties.
You can also add new property keys up to five.
O
Sample
// Storing or updating user's additional information
// Check the names of property keys that you can use in [My Application] > [User Properties] in Kakao Developers.

try {
  // Data to be updated
  Map<String, String> properties = {'${CUSTOM_PROPERTY_KEY}': '${CUSTOM_PROPERTY_VALUE}'};
  await UserApi.instance.updateProfile(properties);
  print('Storing user information succeeds.');
} catch (error) {
  print('Storing user information fails. $error')
}

To check if the user information is successfully updated under the designated property keys, call the Retrieving user information API.

Request additional consent

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Manage consent items
Advanced: Activate OpenID Connect(Optional)
Set Simple Signup(for Kakao Sync)
Required Required:
Required consent item

You can request consent to access permission or specific personal information if the user has not agreed when the user logged in with Kakao. Before using this API, read Concepts > Request additional consent thoroughly for a better understanding.

Call the loginWithNewScopes() method in the UserApi class by passing the scopes of user information you want to request additional consent as arguments.

Parameter
Name Type Description Required
scopes List<String> Pass the scope IDs of the User information. You can figure out each scope's ID in [My Application] > [Kakao Login] > [Consent Items].

IMPORTANT: If you implement OpenID Connect (OIDC), you must add openid to scopes along with the scope values you want to obtain consent. If not, OAuth is applied even though OIDC is enabled.
O
nonce String Parameter to strengthen security.
To prevent replay attacks, generate random strings and pass them as an argument.

IMPORTANT: Allowed to set only when you integrate Kakao Login with OpenID Connect.
X
Sample
Mobile app
Web app

Here is an example that checks which scopes are required to get additional consent by checking the value of {FIELD_NAME}NeedsAgreement obtained through the Retrieving user information API.


/// Requesting additional consent

// You can request additional consent when the user attempts to use a service 
// that requires specific user information and then obtain the user information as follows. 
//  * CAUTION: Consider the case that users refuse to consent to 'Optional consent' item 
// to prevent a problem with the use of the service. 

User user;
try {
  user = await UserApi.instance.me();
} catch (error) {
  print('Failed to retrieve user information. $error')
  return;
}

// Check which scope are required to get additional consent.
List<String> scopes = [];

if (user.kakaoAccount?.emailNeedsAgreement == true) { scopes.add('account_email'); }
if (user.kakaoAccount?.birthdayNeedsAgreement == true) { scopes.add("birthday"); }
if (user.kakaoAccount?.birthyearNeedsAgreement == true) { scopes.add("birthyear");}
if (user.kakaoAccount?.ciNeedsAgreement == true) { scopes.add("account_ci"); }
if (user.kakaoAccount?.legalNameNeedsAgreement == true) { scopes.add("legal_name"); }
if (user.kakaoAccount?.legalBirthDateNeedsAgreement == true) { scopes.add("legal_birth_date"); }
if (user.kakaoAccount?.legalGenderNeedsAgreement == true) { scopes.add("legal_gender"); }
if (user.kakaoAccount?.phoneNumberNeedsAgreement == true) { scopes.add("phone_number"); }
if (user.kakaoAccount?.profileNeedsAgreement == true) { scopes.add("profile"); }
if (user.kakaoAccount?.ageRangeNeedsAgreement == true) { scopes.add("age_range"); }

// If a user has not granted permission to provide user information that is needed for your service, request additional consent with the `loginWithNewScopes()` method. 
if (scopes.length > 0) {
  print('Need to obtain consent from user.');

  // If OpenID Connect (OIDC) is enabled,
  // - When "openid" is added to `scopes`, OIDC is applied.
  // - When "openid" is not added to `scopes`, OAuth 2.0 is applied. 
                                      
  // To use OIDC, add "openid" to `scopes`.
  // scopes.add("openid");

  OAuthToken token;
  try {
    token = await UserApi.instance.loginWithNewScopes(scopes);
    print('allowed scopes: ${token.scopes}');
  } catch (error) {
    print('Failed to obtain additional consent. $error')
    return;
  }

  // Retrieve the user information after obtaining consent. 
  try {
    User user = await UserApi.instance.me();
    print('Succeeded in retrieving user information.'
          '\nID: ${user.id}'
          '\nEmail: ${user.kakaoAccount?.email}'
          '\nNickname: ${user.kakaoAccount?.profile?.nickname}'
          '\nProfileImage: ${user.kakaoAccount?.profile?.thumbnailImageUrl}');
  } catch (error) {
    print('Failed to retrieve user information. $error')
  }
}

If you develop a web app with the Flutter SDK, call the authorizeWithNewScopes() method. Because the Consent screen is not presented automatically in a web app, you must manually implement the following process invoked when a user consents to new scopes:

  1. Request an access token with the passed authorization code by using a REST API.
  2. Store the new access token in the Flutter SDK.

// Request additional consent to the required scopes (Email and gender in this code snippet). 
try {
  await AuthCodeClient.instance.authorizeWithNewScopes(
    scopes: [account_email, gender],
    redirectUri: '${REDIRECT_URI}',
  );
} catch (error) {
  print('Failed to retrieve user information. $error');
}

// Implement a logic to request the new access token and store the new token.

loginWithNewScopes() presents the Consent screen asking for consent to the requested scope. When a user chooses to provide the scope and selects [Accept and Continue] on the Consent screen, new tokens are issued, and the scope information is updated in the OAuthToken class.

On the other hand, authorizeWithNewScopes(), used for a web app, only returns an authorization code.

Retrieve consent details

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Manage consent items
Required -

To retrieve the detailed information of the scopes (consent items) that a user has agreed to, call the scopes() method in the UserApi class.

To retrieve the details of specific scopes only, you need to pass the scopes parameter as an argument when calling scopes().

Parameter
Name Type Description Required
scopes List<String> Used when you retrieve specific scopes only.
List of scope IDs you want to retrieve by referring to the IDs set in [My Application] > [Kakao Login] > [Consent Items].
X
Sample: Retrieving all scopes
try {
  ScopeInfo scopeInfo = await UserApi.instance.scopes();
  print('Succeeded in retrieving consent details succeeds.\n Scopes being used or agreed: ${scopeInfo.scopes}');
} catch (error) {
  print('Failed to retrieve consent details. $error')
}
Sample: Retrieving specific scope
// List of the scope IDs that you want to retrieve
List<String> scopes = ['account_email', 'friends'];

try {
  ScopeInfo scopeInfo = await UserApi.instance.scopes(scopes: scopes);
  print('Succeeded in retrieving consent details succeeds.\n Scopes being used or agreed: ${scopeInfo.scopes}');
} catch (error) {
  print('Failed to retrieve consent details. $error')
}

If the request is successful, the API returns the details of the scopes that you enabled in [My Application] > [Kakao Login] > [Consent Items] and that the user has consented through the scopeInfo object. Even though your app is currently not using the scope but if a user has consented to the scope before, the scope is included in the response.

ScopeInfo
Name Type Description Required
id Int Service user ID. O
scopes Scope List of scope information. X
Scope
Name Type Description Required
id String Scope ID. O
displayName String Name or description of the scope (consent item) displayed on the Consent screen. O
type ScopeType Scope type. PRIVACY or SERVICE.
PRIVACY: scopes for Personal Information
SERVICE: scopes for Permission
O
using Bool Whether your app is using the scope.
true: Using the scope.
false: Not using the scope even though the user has agreed to.
O
agreed Bool Whether the user has agreed to the scope.
true: The user has agreed.
false: The user has not agreed.
O
revocable Bool Whether you can revoke this scope.
Only returned if the user has agreed to the scope.("agreed"=true)
true: Possible to revoke the scope.
false: Impossible to revoke the scope.
X

Revoke consent

Basic information
Permission Prerequisite Kakao Login User consent
- Register platforms
Activate Kakao Login
Manage consent items
Required -

To revoke the scope that a user has agreed to, call the revokeScopes() method in the UserApi class. You can only revoke the scope with "revocable":true among the scopes retrieved through the Retrieving consent details API. If you request to revoke the scope that is not revocable, an error is returned.

You must pass the list of scope ID through the scopes parameter when calling revokeScopes().

Parameter
Name Type Description Required
scopes List<String> List of scope IDs you want to revoke.
You can revoke only the scope with "revocable":true among the scopes retrieved through the Retrieving consent details API.
O
Sample
// List of the scope IDs that you want to revoke
List<String> scopes = ['account_email', 'legal_birth_date', 'friends'];

try {
  ScopeInfo scopeInfo = await UserApi.instance.revokeScopes(scopes: scopes);
  print('Succeeded in revoking consent.\n Scopes being used or agreed: ${scopeInfo.scopes}');
} catch (error) {
  print('Failed to revoke consent. $error')
}

If the request is successful, the API returns the scopeInfo object that includes the changed details of each scope and whether a user has agreed to the scope.

Retrieve user agreed terms

Basic information
Permission Prerequisite Kakao Login User consent
Required:
Kakao Sync
Register platforms
Activate Kakao Login
Manage consent items
Set Simple Signup
Required -

IMPORTANT

This API is only allowed for the service that adopted Kakao Sync. To see the advantages of Kakao Sync, refer to Concept > Kakao Sync. Before implementing this API, read Design terms and policies.

To check which terms a user has consented to when the user logs in, call the serviceTerms() method in the UserApi class.

Parameter
Name Type Description Required
extra String Used to retrieve all of the terms registered in your app.
In this case, set it to app_service_terms.
X
Sample
try {
  UserServiceTerms userServiceTerms = await UserApi.instance.serviceTerms();
  print('Succeeded in checking the agreed terms.\nService user ID: ${userServiceTerms.userId}\nAgreed terms: \n${userServiceTerms.allowedServiceTerms?.join('\n')}');
} catch (error) {
    print('Failed to check the agreed terms. $error');
}

serviceTerms() returns the UserServiceTerms object.

UserServiceTerms
Name Type Description Required
userId Int Service user ID. X
appServiceTerms List<AppServiceTerms> A list of terms registered for an app. X
allowedServiceTerms List<ServiceTerms> A list of terms that a user has consented to. X
AppServiceTerms
Name Type Description Required
tag String Tag that is specified in [My Application] > [Simple Signup] for each term. O
createdAt Datetime The time when the term was registered.
(RFC3339 internet date/time format)
O
updatedAt Datetime The time when the term was modified.
(RFC3339 internet date/time format)
O
ServiceTerms
Name Type Description Required
tag String Tag of the term that a user consented to. O
agreedAt Datetime The last time when a user consented to the term.
(RFC3339 internet date/time format)
O

Get consent to desired terms

Basic information
Permission Prerequisite Kakao Login User consent
Required:
Kakao Sync
Register platforms
Activate Kakao Login
Manage consent items
Advanced: Activate OpenID Connect(Optional)
Set Simple Signup
Required Required:
Required consent item

IMPORTANT

This API is only allowed for the service that adopted Kakao Sync. To see the advantages of Kakao Sync, refer to Concept > Kakao Sync. Before implementing this API, read Design terms and policies.

This API enables you to request consent to a specific term that a user has not consented, regardless of whether the user has already signed up or not.

If your app is used for multiple services and each service requires consent to different terms, or if a new required term is added to your service, you can use this API. For more details, Design terms and policies.

To request consent to specific scopes from a user, pass the list of term tags through serviceTerms as an argument when you call loginWithKakaoTalk() or loginWithKakaoAccount().

If you do not add serviceTerms when requesting an authorization code, the general Kakao Login API proceeds. In this case, you cannot request consent to the desired terms. Also, if a user has already consented to all required terms, the user is logged in without the Consent screen prompted. For more details, refer to FAQ.

Parameter
Name Type Description Required
serviceTerms List<String> Tags for the terms that are required to consent. O
Sample
// Getting consent to desired terms

// Designate tags for the terms that you want to get consent
// among the terms registered in [My Application] > [Simple Signup] in Kakao Developers. 
List<String> serviceTerms = ['service'];

// Request login with Kakao Talk using the serviceTerms parameter (same for Login with Kakao Account)
try {
  OAuthToken token = await UserApi.instance
    .loginWithKakaoTalk(serviceTerms: serviceTerms);
  print('Login success. ${token.accessToken}');
} catch (error) {
  print('Login fail. $error');
}

The response is returned through the OAuthToken object in the same as the Kakao Login.

Advanced: Manual signup

Basic information
Permission Prerequisite Kakao Login User consent
Required:
Manual signup
Register platforms
Activate Kakao Login
Required -

IMPORTANT

The Manual signup API is only for the app with the Auto-link option disabled. Before using this API, check out when to use this API and the cautions in REST API.

The Manual signup API manually links a user with your app to complete signup when the Auto-link is disabled. To figure out if the currently logged-in user needs to be linked with your app, check the value of hasSignedUp by calling the Retrieving user information API and handle each case:

Return value Status Action
true The user is already linked with your app. You do not need to call the Manual signup API.
false The user is not linked with your app. You must call signup() to link the user with your app manually.
null Your app is using the Auto-link feature. You do not need to call the Manual signup API.
// Checking if user is linked with your app by calling the Retrieving user information API.
try {
  User user = await UserApi.instance.me();
  print('Succeeded in retrieving user information.'
        '\nService user ID: ${user.id}'
        '\nLinked status:: ${user.hasSignedUp}');
} catch (error) {
  print('Failed to retrieve user information. $error');
}

If the return value of hasSignedUp is false and the user is ready to sign up, call the signup() method to complete the signup. You can also request to store user information needed for your service with the properties parameter.

Parameter
Name Type Description Required
properties Map<String, String> A list of user information.
Used when you want to store user information needed for your service when linking a user.
Refer to Manage user properties.
X
Sample
// Requesting signup 
try {
  await UserApi.instance.signup();
  print('signup succeeds.');
} catch (error) {
  print('signup fails. $error')
}

If the request is successful, the user's service ID is returned.

Because the user's linked status is not provided even when the request is successful, request the Retrieving user information API again and check the value of hasSignedUp to check the request result.

See more