- Docs>
- Kakao Login>
- Flutter
Kakao Login
Flutter
This document describes how to integrate Kakao Login APIs into your service with the Kakao SDK for Flutter.
To learn about each API in detail, refer to Concepts.
For a Kakao Login button, you can download the resources provided by Kakao or customize buttons according to your service user interface by referring to the Design Guide.
Before you begin
Before using Kakao Login APIs with the Flutter SDK,
- Complete the prerequisites.
- Add modules.
- Set Custom URL scheme.
Add modules
To use the features of Kakao Login, you need to add kakao_flutter_sdk_auth and kakao_flutter_sdk_user modules in pubspec.yaml by referring to Install SDK. After that, add the following libraries in your dart file.
import 'package:kakao_flutter_sdk_auth/kakao_flutter_sdk_auth.dart';
import 'package:kakao_flutter_sdk_user/kakao_flutter_sdk_user.dart';
Project Setting
To use the Kakao Login API on the native app service, you must set the Custom URL Scheme. See how to set up a project by device environment below.
Login
This API enables users to log in through Kakao Talk or their Kakao Account information.
For Kakao Login, the Flutter SDK provides the following methods:
| Method | Description | Development guide |
|---|---|---|
loginWithKakaoTalk() |
Launches Kakao Talk to enable users to log in with their Kakao Account linked to Kakao Talk. | Login with Kakao Talk |
loginWithKakaoAccount() |
Presents the Kakao Login page as a popup window where users input their Kakao Account ID and password for login. | Login with Kakao Account |
authorizeWithTalk() |
Enable users to log in with their Kakao Account linked to Kakao Talk through the redirection method. IMPORTANT: For a web app, we highly recommend using the redirection method. For a native app, the redirection method is not supported. |
Kakao Login through redirection for Web To understand the login flow, see JavaScript > Understand login flow |
authorize() |
Directs the Kakao Login page where users input their Kakao Account ID and password for login through the redirection method. IMPORTANT: For a web app, we highly recommend using the redirection method. For a native app, the redirection method is not supported. |
Kakao Login through redirection for Web To understand the login flow, see Concepts > Step 1 in Login flow |
If you develop a web app with the Flutter SDK, you must complete prerequisites for Web regardless of which method you use for Kakao Login.
Login with Kakao Talk
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login Manage consent items Advanced: Activate OpenID Connect(Optional) Set Simple Signup(for Kakao Sync) |
Required | Required: Required consent item |
To allow users to log in with Kakao Talk, call the loginWithKakaoTalk() method that launches the Kakao Talk application and prompts the Consent screen asking for consent.
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| nonce | String |
Parameter to strengthen security. To prevent replay attacks, generate random strings and pass them as an argument. IMPORTANT: Allowed to set only when you integrate Kakao Login with OpenID Connect. |
X |
Sample
// Login with Kakao Talk
try {
OAuthToken token = await UserApi.instance.loginWithKakaoTalk();
print('Login succeeds. ${token.accessToken}');
} catch (e) {
print('Login fails. $e')
}
When a user consents, Kakao identifies the user with the user's Kakao Account information linked to Kakao Talk, and then issues tokens. The Flutter SDK provides the issued tokens through the OAuthToken class.
OAuthToken
The issued tokens are stored through the TokenManagerProvider class. The stored tokens are automatically added to the authorization header when calling the token-based APIs.
| Name | Type | Description | Required |
|---|---|---|---|
| accessToken | String |
One of the tokens that authorizes you to call Kakao APIs and identifies users. | O |
| expiresAt | DateTime |
Validity period in seconds until the access token expires. | O |
| refreshToken | String |
One of the tokens that is used to gain new tokens. IMPORTANT: Not included when using JavaScript app key |
X |
| refreshTokenExpiresAt | DateTime |
Validity period in seconds until the refresh token expires. IMPORTANT: Not included when using JavaScript app key |
X |
| scope | List<String> |
List of scopes of user information to be retrieved with the issued access token. | X |
| idToken | String |
JSON Web Token that contain user's authentication information, encoded using Base64 algorithm. For more details, refer to ID Token. IMPORTANT: Only returned when you integrate Kakao Login with OpenID Connect. If you call the Requesting additional consent API, only returned when openid is added to scope in the request. |
X |
* Deprecated 'accessTokenExpiresAt'. Instead, use 'expiresAt'.
Login with Kakao Account
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login Manage consent items Advanced: Activate OpenID Connect(Optional) Set Simple Signup(for Kakao Sync) |
Required | Required: Required consent item |
To allow users to log in with Kakao Account, call the loginWithKakaoAccount() method that opens a web browser and prompts the Consent screen asking for consent.
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| prompts | [Prompt] |
Used to request reauthentication by selecting whether to present an interactive UI. - .login: Used to request reauthentication by presenting the Kakao Account Login screen to a user even though the default web browser already retains cookies about the user's login information through Kakao Account.- .create: Used to prompt the Kakao Account sign-up page first. The Kakao Login consent screen will be present after signing up for Kakao Account. |
X |
| nonce | String |
Parameter to strengthen security. To prevent replay attacks, generate random strings and pass them as an argument. IMPORTANT: Allowed to set only when you integrate Kakao Login with OpenID Connect. |
X |
Sample
// Login with Kakao Account
try {
OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
print('Login succeeds. ${token.accessToken}');
} catch (e) {
print('Login fails. $e')
}
When a user consents, Kakao identifies the user through the user's Kakao Account cookie stored on the default web browser and then issues tokens through the OAuthToken class.
Advanced: Request reauthentication
You can request reauthentication regardless of a user's login status to enhance security. Set prompts to [Prompt.login] when you call loginWithKakaoAccount(). Then, the login screen is prompted even though a user has already been logged in on the same web browser on the device.
try {
OAuthToken token = await UserApi.instance
.loginWithKakaoAccount(prompts: [Prompt.login]);
print('Login succeeds. ${token.accessToken}');
} catch (e) {
print('Login fails. $e')
}
Advanced: Log in after signing up for Kakao Account
You can request to prompt the Kakao Account sign-up page before Kakao Login. Set prompts to [Prompt.create] when you call loginWithKakaoAccount(). The Kakao Login consent screen will be present after signing up for Kakao Account.
try {
OAuthToken token = await UserApi.instance
.loginWithKakaoAccount(prompts: [Prompt.create]);
print('Login succeeds. ${token.accessToken}');
} catch (e) {
print('Login fails. $e')
}
Kakao Login Sample
You can implement Kakao Login by combining 'Kakao Login with Kakao Talk' and 'Kakao Login with Kakao Account' together, as exemplified below. You can also use the isKakaoTalkInstalled() method to check if Kakao Talk has been installed on a user's device so that the user can log in with Kakao Talk.
// Login combination sample
try {
bool talkInstalled = await isKakaoTalkInstalled();
// If Kakao Talk has been installed, log in with Kakao Talk. Otherwise, log in with Kakao Account.
OAuthToken token = talkInstalled
? await UserApi.instance.loginWithKakaoTalk()
: await UserApi.instance.loginWithKakaoAccount();
print('Login succeeds. ${token.accessToken}');
} catch (e) {
print('Login fails. $e')
}
The code snippet below shows the logic of Kakao Login depending on whether Kakao Talk is installed and a user's action. You can see how to handle errors that may occur during the login process.
After a user initially installs Kakao Talk and does not complete app permission for Kakao Talk, the user can cancel to log in with Kakao Talk. In this case, the CANCELED error occurs. Thus, you need to implement the subsequent process after the user cancels the login, such as redirecting the user to the main page or going back to the previous page by referring to this code snippet.
// Login combination sample + Detailed error handling callback
bool talkInstalled = await isKakaoTalkInstalled();
// If Kakao Talk has been installed, log in with Kakao Talk. Otherwise, log in with Kakao Account.
if (talkInstalled) {
try {
OAuthToken token = await UserApi.instance.loginWithKakaoTalk();
print('Login succeeded. ${token.accessToken}');
} catch (e) {
print('Login failed. $e');
// After installing Kakao Talk, if a user does not complete app permission and cancels Login with Kakao Talk, skip to log in with Kakao Account, considering that the user does not want to log in.
// You could implement other actions such as going back to the previous page.
if (e is PlatformException && e.code == 'CANCELED') {
return;
}
// If a user is not logged into Kakao Talk after installing Kakao Talk and allowing app permission, make the user log in with Kakao Account.
try {
OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
print('Login succeeded. ${token.accessToken}');
} catch (e) {
print('Login failed. $e');
}
}
} else {
try {
OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
print('Login succeeded. ${token.accessToken}');
} catch (e) {
print('Login failed. $e');
}
}
Kakao Login through redirection for Web
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login Set Redirect URI Manage consent items Advanced: Activate OpenID Connect(Optional) Set Simple Signup(for Kakao Sync) |
Required | Required: Required consent item |
If you need to implement Kakao Login for a web environment by using the Flutter SDK, we recommend using the redirection method in web app development.
When you integrate Kakao Login with loginWithKakaoTalk() or loginWithKakaoAccount() that presents a pop-up window for a login, it may not work in a web environment because some web views do not allow pop-up windows.
To implement Kakao Login with the redirect method, you must:
- Check if Web platform and Redirect URI are registered.
- Request an authorization code in your service server by calling
authorizeWithTalk()orauthorize(). - Request the access token and refresh token with the authroization code recieved from the Kakao authorization server by using a REST API. See REST API > get tokens.
IMPORTANT: You must use the REST API key when you request the tokens. - Store the issued tokens in the Flutter SDK so that you can call the Kakao APIs with the tokens.
Get authorization code
Depending on the user environment where your web app is running, the isKakaoTalkInstalled() method returns a different boolean value. If a user attempts to log in via a web app on Android or iOS, isKakaoTalkInstalled() always returns true. Then, call the authorizeWithTalk() method that launches the Kakao Talk application and prompts the Consent screen asking for consent. Note that true does not guarantee that Kakao Talk is installed on the user's Android or iOS device. If Kakao Talk is not installed, the user is directed to a download page for Kakao Talk.
In other environments where your web app is running, such as Windows or Mac operating systems, isKakaoTalkInstalled() returns false. In this case, make the user log in with a Kakao Account by calling authorize().
bool talkInstalled = await isKakaoTalkInstalled();
if (talkInstalled) {
// Login with Kakao Talk. If Kakao Talk is not installed, the download page is open.
try {
await AuthCodeClient.instance.authorizeWithTalk(
redirectUri: '${REDIRECT_URI}',
);
} catch (error) {
print('Login with Kakao Talk fails $error');
}
} else {
// Login with Kakao Account
try {
await AuthCodeClient.instance.authorize(
redirectUri: '${REDIRECT_URI}',
);
} catch (error) {
print('Login with Kakao Account fails. $error');
}
}
Set tokens
To store the tokens issued from the Kakao authorization server into the token manager of the Flutter SDK, call the setToken() method.
// Change the token type to the type that can be used in SDK.
var tokenResponse = AccessTokenResponse.fromJson(response);
var token = OAuthToken.fromResponse(tokenResponse);
// Store tokens.
TokenManagerProvider.instance.manager.setToken(token);
Check token presence
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login |
Required | - |
To check if a user has obtained an access token through Kakao Login, call the hasToken() method defined in the UserApi class. This API returns the presence of tokens as a boolean type.
Note that calling hasToken() to check the token presence does not ensure the user's login status.
Sample
if (await AuthApi.instance.hasToken()) {
try {
AccessTokenInfo tokenInfo = await UserApi.instance.accessTokenInfo();
print('Succeeded in validating token ${tokenInfo.id} ${tokenInfo.expiresIn}');
} catch (e) {
if (e is KakaoException && e.isInvalidTokenError()) {
print('Token has expired.')
} else {
print('Failed to retrieve token information.')
}
try {
// Log in with Kakao Account
OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
print('Login succeeds. ${token.accessToken}');
} catch (e) {
print('Login fails. $e')
}
}
} else {
print('There is no token.');
try {
OAuthToken token = await UserApi.instance.loginWithKakaoAccount();
print('Login succeeds. ${token.accessToken}');
} catch (e) {
print('Login fails. $e')
}
}
If the user has a valid access token, hasToken() returns the token information through the AccessTokenInfo class. Then, you can call the token-based APIs with the user's access token.
If false is returned, it means that the token is not valid, so you cannot retrieve the token information. For this case, implement a process for the user to log in to obtain tokens and the error handling process.
AccessTokenInfo
| Name | Type | Description | Required |
|---|---|---|---|
| id | Int |
Service user ID. | X |
| expiresIn | Int |
Validity period in seconds until the access token expires. | O |
| appId | Int |
App ID that an access token has been issued for. | O |
Logout
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login |
Required | - |
To enable a user to log out, call the logout() method in the UserApi class. Then, the access and refresh token issued through the login process is deleted, and the user is logged out.
Sample
// Logout
try {
await UserApi.instance.logout();
print('Logout succeeds. Tokens are deleted from SDK.');
} catch (e) {
print('Logout fails. Tokens are deleted from SDK.')
}
Regardless of the result of the logout request, the Flutter SDK deletes the access token and refresh token so that the login session expires.
Unlink
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login |
Required | - |
To unlink a user's Kakao Account from a service app, call the unlink() method in the UserApi class.
Sample
/// Unlink current user from the app.
try {
await UserApi.instance.unlink();
print('Unlink succeeds. Tokens are deleted from SDK.');
} catch (e) {
print('Unlink fails.')
}
If the request is successful, the session between an app and a user is disconnected, and the user is logged out as the issued access token and refresh token are deleted.
Retrieve token information
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login |
Required | - |
To retrieve the token information of the user who is currently logged in, call the accessTokenInfo() method in the UserApi class. To check the validity of the tokens only, use this API rather than retrieving all user information.
Sample
// Retrieving token information
try {
AccessTokenInfo tokenInfo = await UserApi.instance.accessTokenInfo();
print('Succeeded in retrieving token information\nService user ID: ${tokenInfo.id}\nValidity period: ${tokenInfo.expiresIn} seconds');
} catch (e) {
print('Failed to retrieve token information.')
}
If the request is successful, accessTokenInfo() returns the token information through the AccessTokenInfo class. If the access token expires, the access token is refreshed and new token information is returned.
You cannot trust the token information on the client side because it may expire if
- User changes the Kakao Account password and invalidates tokens
- User unlinks from your app
Retrieve user information
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login Manage consent items |
Required | Required: All consent items to request user information |
To retrieve user data, you must set consent items and obtain user's consent for the data that your service needs. If a user does not consent, you cannot get the user data. To check which a user has already agreed, you can call the Retrieving consent details API and check the agreed scopes first.
To retrieve the information of the user who is currently logged in, call the me() method in the UserApi class.
Sample
Here is an example of retrieving user information — Service user ID, email, nickname and profile thumbnail image URI.
// Retrieving user information
try {
User user = await UserApi.instance.me();
print('Succeeded in retrieving user information'
'\nService user ID: ${user.id}'
'\nEmail: ${user.kakaoAccount?.email}'
'\nNickname: ${user.kakaoAccount?.profile?.nickname}'
'\nProfile Thumbnail Image URI: ${user.kakaoAccount?.profile?.thumbnailImageUrl}');
} catch (e) {
print('Failed to retrieve user information');
}
me() returns the user information through the User class.
User
| Name | Type | Description | Required |
|---|---|---|---|
| id | Int |
Service user ID. | O |
| hasSignedUp | Bool |
Only returned when the Auto-link setting is disabled. Whether the user is completely linked with (signed up) your app. false: Preregisteredtrue: Registered |
X |
| connectedAt | DateTime |
The time when the user is linked with a service in UTC*. | X |
| synchedAt | DateTime |
The time when the user is logged in through Kakao Sync Simple Signup in UTC*. This value is only passed for Kakao Sync service users. In this case, its value is the same as connected_at. |
X |
| properties | Map<String, String> |
Additional user information saved on the Kakao platform to use it later. Refer to Prerequisites > Manage user properties. |
X |
| kakaoAccount | Account |
Kakao Account information. To see what user data you can get, refer to User information included in Kakao Account. |
X |
* The time is based on Coordinated Universal Time(UTC), being 9 hours behind Korean Standard Time(KST). For the format of time, refer to RFC3339: Date and Time on the Internet.
Ensure that you need to handle exceptions for the following cases in which you cannot get the user information:
- If you do not enable the consent item for some user information.
- If a user has not agreed to provide the user information to the third-party service.
- If a user has not provided the user information to Kakao.
Retrieve shipping address
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| Required: Consent item |
Register platforms Activate Kakao Login Manage consent items |
Required | Required: Shipping information |
To retrieve shipping address,
- You must enable the 'Shipping information (shipping_address)' scope.
- Users must consent to the scope. If a user does not consent, you cannot get the user data even though you enabled the scope.
The shipping_address scope is inactivated by default. To set the scope to 'Optional consent', connect your app to a Biz Channel. If your service must get users' shipping addresses, set the scope to 'Required consent' by going through the Review for Provision of Personal Information provided by Kakao Sync.
To retrieve a user's shipping addresses, call the shippingAddresses() method defined in the UserApi class. You can also pass the following parameters.
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| fromUpdatedAt | DateTime |
If multiple shipping addresses are returned through multiple pages, only the shipping addresses that are changed after fromUpdateAt time return. The last shipping address on the previous page is used for an input value for the next page. If set to 0, shipping addresses are retrieved from the beginning. |
X |
| pageSize | Int |
Number of (two or more) shipping addresses displayed on a page. (Default: 10) |
X |
Sample
UserShippingAddresses userShippingAddress;
try {
userShippingAddress = await UserApi.instance.shippingAddresses();
} catch (e) {
print('Failed to retrieve shipping address.');
return;
}
if (userShippingAddress.shippingAddresses != null) {
print('Succeeded in retrieving shipping addresses. \nService user ID: ${userShippingAddress.userId}\nShipping addresses: \n${userShippingAddress.shippingAddresses?.join('\n')}');
} else if (!userShippingAddress.needsAgreement) {
print('User account does not have a shipping address. If required, select [Provision after collecting information] option in [My Application] > [Kakao Login] > [Consent items]');
} else if (userShippingAddress.needsAgreement) {
print('You must obtain consent to providing shipping address from a user.');
List<String> scopes = ['shipping_address'];
// Request consent to providing shipping addresses
OAuthToken token;
try {
token = await UserApi.instance.loginWithNewScopes(scopes);
print('allowed scopes: ${token.scopes}');
} catch (e) {
print('Failed to get consent to providing shipping address.');
}
try {
UserShippingAddresses userShippingAddresses = await UserApi.instance.shippingAddresses();
print('Succeeded in retrieving shipping address. \nService user ID: ${userShippingAddresses.userId}\n${userShippingAddresses.shippingAddresses?.join('\n')}');
} catch (e) {
print('Failed to retrieve shipping address.');
}
}
shippingAddresses() returns the UserShippingAddresses object.
UserShippingAddresses
| Name | Type | Description | Required |
|---|---|---|---|
| userId | Int |
Service user ID of a user who requested shipping addresses. | X |
| shippingAddresses | List<ShippingAddress> |
List of shipping addresses that the user added. The default shipping address is displayed on the uppermost, and the rest addresses are sorted by last updated date in decending order. |
X |
| needsAgreement | Bool |
Whether consent to shipping addresses is required. | O |
ShippingAddress
| Name | Type | Description | Required |
|---|---|---|---|
| id | Int |
Shipping address ID. | O |
| name | String |
Shipping address name. | X |
| isDefault | Bool |
Whether the shipping address is a default address or not. | O |
| updatedAt | DateTime |
The time when a user updated the shipping address. | X |
| type | String |
Shipping address type. - OLD: Administrative address- NEW : Road name address. |
X |
| baseAddress | String |
Base address that is automatically input when searching for a zipcode. | X |
| detailAddress | String |
Detailed address that a user adds to the base address. | X |
| receiverName | String |
Recipient name. | X |
| receiverPhoneNumber1 | String |
Recipient phone number. | X |
| receiverPhoneNumber2 | String |
Additional recipient phone number. | X |
| zoneNumber | String |
New type of 5-digit postal code for a road name address system. Required for the road name address system. |
X |
| zipCode | String |
Old type of 6-digit postal code for an administrative address system. Optional for the administrative address system because some old type of addresses may not have a zip code. |
X |
Store user information
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login Manage user properties |
Required | - |
You can store or update the additional user information needed for your service. Call the updateProfile() method in the UserApi class. You must pass the custom property keys and values that you want to upadate through properties in a key-value pair. For example, if you want to update a user's clothing size, set properties to {'clothing_size': 'small'}.
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| properties | Map<String, String> |
User information to be updated. Check the property keys of user information that you want to update in [My Application] > [User Properties] by referring to Manage user properties. You can also add new property keys up to five. |
O |
Sample
// Storing or updating user's additional information
// Check the names of property keys that you can use in [My Application] > [User Properties] in Kakao Developers.
try {
// Data to be updated
Map<String, String> properties = {'${CUSTOM_PROPERTY_KEY}': '${CUSTOM_PROPERTY_VALUE}'};
await UserApi.instance.updateProfile(properties);
print('Storing user information succeeds.');
} catch (error) {
print('Storing user information fails. $error')
}
To check if the user information is successfully updated under the designated property keys, call the Retrieving user information API.
Request additional consent
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login Manage consent items Advanced: Activate OpenID Connect(Optional) Set Simple Signup(for Kakao Sync) |
Required | Required: Required consent item |
You can request consent to access permission or specific personal information if the user has not agreed when the user logged in with Kakao. Before using this API, read Concepts > Request additional consent thoroughly for a better understanding.
Call the loginWithNewScopes() method in the UserApi class by passing the scopes of user information you want to request additional consent as arguments.
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| scopes | List<String> |
Pass the scope IDs of the User information. You can figure out each scope's ID in [My Application] > [Kakao Login] > [Consent Items]. IMPORTANT: If you implement OpenID Connect (OIDC), you must add openid to scopes along with the scope values you want to obtain consent. If not, OAuth is applied even though OIDC is enabled. |
O |
| nonce | String |
Parameter to strengthen security. To prevent replay attacks, generate random strings and pass them as an argument. IMPORTANT: Allowed to set only when you integrate Kakao Login with OpenID Connect. |
X |
Sample
Here is an example that checks which scopes are required to get additional consent by checking the value of {FIELD_NAME}NeedsAgreement obtained through the Retrieving user information API.
/// Requesting additional consent
// You can request additional consent when the user attempts to use a service
// that requires specific user information and then obtain the user information as follows.
// * CAUTION: Consider the case that users refuse to consent to 'Optional consent' item
// to prevent a problem with the use of the service.
User user;
try {
user = await UserApi.instance.me();
} catch (error) {
print('Failed to retrieve user information. $error')
return;
}
// Check which scope are required to get additional consent.
List<String> scopes = [];
if (user.kakaoAccount?.emailNeedsAgreement == true) { scopes.add('account_email'); }
if (user.kakaoAccount?.birthdayNeedsAgreement == true) { scopes.add("birthday"); }
if (user.kakaoAccount?.birthyearNeedsAgreement == true) { scopes.add("birthyear");}
if (user.kakaoAccount?.ciNeedsAgreement == true) { scopes.add("account_ci"); }
if (user.kakaoAccount?.legalNameNeedsAgreement == true) { scopes.add("legal_name"); }
if (user.kakaoAccount?.legalBirthDateNeedsAgreement == true) { scopes.add("legal_birth_date"); }
if (user.kakaoAccount?.legalGenderNeedsAgreement == true) { scopes.add("legal_gender"); }
if (user.kakaoAccount?.phoneNumberNeedsAgreement == true) { scopes.add("phone_number"); }
if (user.kakaoAccount?.profileNeedsAgreement == true) { scopes.add("profile"); }
if (user.kakaoAccount?.ageRangeNeedsAgreement == true) { scopes.add("age_range"); }
// If a user has not granted permission to provide user information that is needed for your service, request additional consent with the `loginWithNewScopes()` method.
if (scopes.length > 0) {
print('Need to obtain consent from user.');
// If OpenID Connect (OIDC) is enabled,
// - When "openid" is added to `scopes`, OIDC is applied.
// - When "openid" is not added to `scopes`, OAuth 2.0 is applied.
// To use OIDC, add "openid" to `scopes`.
// scopes.add("openid");
OAuthToken token;
try {
token = await UserApi.instance.loginWithNewScopes(scopes);
print('allowed scopes: ${token.scopes}');
} catch (error) {
print('Failed to obtain additional consent. $error')
return;
}
// Retrieve the user information after obtaining consent.
try {
User user = await UserApi.instance.me();
print('Succeeded in retrieving user information.'
'\nID: ${user.id}'
'\nEmail: ${user.kakaoAccount?.email}'
'\nNickname: ${user.kakaoAccount?.profile?.nickname}'
'\nProfileImage: ${user.kakaoAccount?.profile?.thumbnailImageUrl}');
} catch (error) {
print('Failed to retrieve user information. $error')
}
}
If you develop a web app with the Flutter SDK, call the authorizeWithNewScopes() method. Because the Consent screen is not presented automatically in a web app, you must manually implement the following process invoked when a user consents to new scopes:
- Request an access token with the passed authorization code by using a REST API.
- Store the new access token in the Flutter SDK.
// Request additional consent to the required scopes (Email and gender in this code snippet).
try {
await AuthCodeClient.instance.authorizeWithNewScopes(
scopes: [account_email, gender],
redirectUri: '${REDIRECT_URI}',
);
} catch (error) {
print('Failed to retrieve user information. $error');
}
// Implement a logic to request the new access token and store the new token.
loginWithNewScopes() presents the Consent screen asking for consent to the requested scope. When a user chooses to provide the scope and selects [Accept and Continue] on the Consent screen, new tokens are issued, and the scope information is updated in the OAuthToken class.
On the other hand, authorizeWithNewScopes(), used for a web app, only returns an authorization code.
Retrieve consent details
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login Manage consent items |
Required | - |
To retrieve the detailed information of the scopes (consent items) that a user has agreed to, call the scopes() method in the UserApi class.
To retrieve the details of specific scopes only, you need to pass the scopes parameter as an argument when calling scopes().
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| scopes | List<String> |
Used when you retrieve specific scopes only. List of scope IDs you want to retrieve by referring to the IDs set in [My Application] > [Kakao Login] > [Consent Items]. |
X |
Sample: Retrieving all scopes
try {
ScopeInfo scopeInfo = await UserApi.instance.scopes();
print('Succeeded in retrieving consent details succeeds.\n Scopes being used or agreed: ${scopeInfo.scopes}');
} catch (error) {
print('Failed to retrieve consent details. $error')
}
Sample: Retrieving specific scope
// List of the scope IDs that you want to retrieve
List<String> scopes = ['account_email', 'friends'];
try {
ScopeInfo scopeInfo = await UserApi.instance.scopes(scopes: scopes);
print('Succeeded in retrieving consent details succeeds.\n Scopes being used or agreed: ${scopeInfo.scopes}');
} catch (error) {
print('Failed to retrieve consent details. $error')
}
If the request is successful, the API returns the details of the scopes that you enabled in [My Application] > [Kakao Login] > [Consent Items] and that the user has consented through the scopeInfo object. Even though your app is currently not using the scope but if a user has consented to the scope before, the scope is included in the response.
ScopeInfo
| Name | Type | Description | Required |
|---|---|---|---|
| id | Int |
Service user ID. | O |
| scopes | Scope |
List of scope information. | X |
Scope
| Name | Type | Description | Required |
|---|---|---|---|
| id | String |
Scope ID. | O |
| displayName | String |
Name or description of the scope (consent item) displayed on the Consent screen. | O |
| type | ScopeType |
Scope type. PRIVACY or SERVICE. PRIVACY: scopes for Personal Information SERVICE: scopes for Permission |
O |
| using | Bool |
Whether your app is using the scope.true: Using the scope. false: Not using the scope even though the user has agreed to. |
O |
| agreed | Bool |
Whether the user has agreed to the scope.true: The user has agreed. false: The user has not agreed. |
O |
| revocable | Bool |
Whether you can revoke this scope. Only returned if the user has agreed to the scope.( "agreed"=true)true: Possible to revoke the scope. false: Impossible to revoke the scope. |
X |
Revoke consent
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| - | Register platforms Activate Kakao Login Manage consent items |
Required | - |
To revoke the scope that a user has agreed to, call the revokeScopes() method in the UserApi class. You can only revoke the scope with "revocable":true among the scopes retrieved through the Retrieving consent details API. If you request to revoke the scope that is not revocable, an error is returned.
You must pass the list of scope ID through the scopes parameter when calling revokeScopes().
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| scopes | List<String> |
List of scope IDs you want to revoke. You can revoke only the scope with "revocable":true among the scopes retrieved through the Retrieving consent details API. |
O |
Sample
// List of the scope IDs that you want to revoke
List<String> scopes = ['account_email', 'legal_birth_date', 'friends'];
try {
ScopeInfo scopeInfo = await UserApi.instance.revokeScopes(scopes: scopes);
print('Succeeded in revoking consent.\n Scopes being used or agreed: ${scopeInfo.scopes}');
} catch (error) {
print('Failed to revoke consent. $error')
}
If the request is successful, the API returns the scopeInfo object that includes the changed details of each scope and whether a user has agreed to the scope.
Retrieve user agreed terms
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| Required: Kakao Sync |
Register platforms Activate Kakao Login Manage consent items Set Simple Signup |
Required | - |
This API is only allowed for the service that adopted Kakao Sync. To see the advantages of Kakao Sync, refer to Concept > Kakao Sync. Before implementing this API, read Design terms and policies.
To check which terms a user has consented to when the user logs in, call the serviceTerms() method in the UserApi class.
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| extra | String |
Used to retrieve all of the terms registered in your app. In this case, set it to app_service_terms. |
X |
Sample
try {
UserServiceTerms userServiceTerms = await UserApi.instance.serviceTerms();
print('Succeeded in checking the agreed terms.\nService user ID: ${userServiceTerms.userId}\nAgreed terms: \n${userServiceTerms.allowedServiceTerms?.join('\n')}');
} catch (error) {
print('Failed to check the agreed terms. $error');
}
serviceTerms() returns the UserServiceTerms object.
UserServiceTerms
| Name | Type | Description | Required |
|---|---|---|---|
| userId | Int |
Service user ID. | X |
| appServiceTerms | List<AppServiceTerms> |
A list of terms registered for an app. | X |
| allowedServiceTerms | List<ServiceTerms> |
A list of terms that a user has consented to. | X |
AppServiceTerms
| Name | Type | Description | Required |
|---|---|---|---|
| tag | String |
Tag that is specified in [My Application] > [Simple Signup] for each term. | O |
| createdAt | Datetime |
The time when the term was registered. (RFC3339 internet date/time format) |
O |
| updatedAt | Datetime |
The time when the term was modified. (RFC3339 internet date/time format) |
O |
ServiceTerms
| Name | Type | Description | Required |
|---|---|---|---|
| tag | String |
Tag of the term that a user consented to. | O |
| agreedAt | Datetime |
The last time when a user consented to the term. (RFC3339 internet date/time format) |
O |
Get consent to desired terms
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| Required: Kakao Sync |
Register platforms Activate Kakao Login Manage consent items Advanced: Activate OpenID Connect(Optional) Set Simple Signup |
Required | Required: Required consent item |
This API is only allowed for the service that adopted Kakao Sync. To see the advantages of Kakao Sync, refer to Concept > Kakao Sync. Before implementing this API, read Design terms and policies.
This API enables you to request consent to a specific term that a user has not consented, regardless of whether the user has already signed up or not.
If your app is used for multiple services and each service requires consent to different terms, or if a new required term is added to your service, you can use this API. For more details, Design terms and policies.
To request consent to specific scopes from a user, pass the list of term tags through serviceTerms as an argument when you call loginWithKakaoTalk() or loginWithKakaoAccount().
If you do not add serviceTerms when requesting an authorization code, the general Kakao Login API proceeds. In this case, you cannot request consent to the desired terms. Also, if a user has already consented to all required terms, the user is logged in without the Consent screen prompted. For more details, refer to FAQ.
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| serviceTerms | List<String> |
Tags for the terms that are required to consent. | O |
Sample
// Getting consent to desired terms
// Designate tags for the terms that you want to get consent
// among the terms registered in [My Application] > [Simple Signup] in Kakao Developers.
List<String> serviceTerms = ['service'];
// Request login with Kakao Talk using the serviceTerms parameter (same for Login with Kakao Account)
try {
OAuthToken token = await UserApi.instance
.loginWithKakaoTalk(serviceTerms: serviceTerms);
print('Login success. ${token.accessToken}');
} catch (error) {
print('Login fail. $error');
}
The response is returned through the OAuthToken object in the same as the Kakao Login.
Advanced: Manual signup
Basic information
| Permission | Prerequisite | Kakao Login | User consent |
|---|---|---|---|
| Required: Manual signup |
Register platforms Activate Kakao Login |
Required | - |
The Manual signup API is only for the app with the Auto-link option disabled. Before using this API, check out when to use this API and the cautions in REST API.
The Manual signup API manually links a user with your app to complete signup when the Auto-link is disabled. To figure out if the currently logged-in user needs to be linked with your app, check the value of hasSignedUp by calling the Retrieving user information API and handle each case:
| Return value | Status | Action |
|---|---|---|
true |
The user is already linked with your app. | You do not need to call the Manual signup API. |
false |
The user is not linked with your app. | You must call signup() to link the user with your app manually. |
null |
Your app is using the Auto-link feature. | You do not need to call the Manual signup API. |
// Checking if user is linked with your app by calling the Retrieving user information API.
try {
User user = await UserApi.instance.me();
print('Succeeded in retrieving user information.'
'\nService user ID: ${user.id}'
'\nLinked status:: ${user.hasSignedUp}');
} catch (error) {
print('Failed to retrieve user information. $error');
}
If the return value of hasSignedUp is false and the user is ready to sign up, call the signup() method to complete the signup. You can also request to store user information needed for your service with the properties parameter.
Parameter
| Name | Type | Description | Required |
|---|---|---|---|
| properties | Map<String, String> |
A list of user information. Used when you want to store user information needed for your service when linking a user. Refer to Manage user properties. |
X |
Sample
// Requesting signup
try {
await UserApi.instance.signup();
print('signup succeeds.');
} catch (error) {
print('signup fails. $error')
}
If the request is successful, the user's service ID is returned.
Because the user's linked status is not provided even when the request is successful, request the Retrieving user information API again and check the value of hasSignedUp to check the request result.