For Holochain Developers

Three ways to integrate Flowsta with your Holochain application.

Option 1: Authentication Only

Use Flowsta's OAuth for user authentication while managing your own Holochain infrastructure:

import { FlowstaAuth } from '@flowsta/auth';

const auth = new FlowstaAuth({
  clientId: 'your-client-id',
  redirectUri: 'https://yourapp.com/callback',
  scopes: ['openid', 'public_key', 'did']
});

const user = await auth.handleCallback();
console.log('DID:', user.did);
console.log('Flowsta agent key:', user.agentPubKey);

Best for: Apps that want consistent user identity across the Flowsta ecosystem but run their own conductor and agent keys.

Option 2: Agent Linking via Vault

Let users prove their Flowsta identity on your DHT with cryptographic attestations:

import { linkFlowstaIdentity } from '@flowsta/holochain';

const result = await linkFlowstaIdentity({
  appName: 'YourApp',
  clientId: 'your-client-id',
  localAgentPubKey: myAgentKey,
});

// Commit to your DHT
await appWebsocket.callZome({
  role_name: 'my-role',
  zome_name: 'agent_linking',
  fn_name: 'create_direct_link',
  payload: {
    other_agent: decodeHashFromBase64(result.payload.vaultAgentPubKey),
    other_signature: base64ToSignature(result.payload.vaultSignature),
  },
});

Best for: Apps where users need verifiable identity across multiple Holochain networks. Requires users to have Flowsta Vault installed.

Full guide: Building Holochain Apps

Option 3: Desktop App via Vault Auth

Authenticate your Tauri desktop app through Vault's IPC:

import { FlowstaVaultAuth } from '@flowsta/auth-tauri';

const vault = new FlowstaVaultAuth();

const status = await vault.getStatus();
if (status.unlocked) {
  const identity = await vault.getIdentity();
  console.log('DID:', identity.did);
}

Best for: Desktop Holochain apps built with Tauri that want Flowsta authentication without browser redirects.

Full guide: Tauri App Authentication

Adding Agent-Linking Zomes

To support Option 2, add the flowsta-agent-linking zomes to your DNA:

# integrity/Cargo.toml
[dependencies]
flowsta-agent-linking-integrity = { git = "https://github.com/WeAreFlowsta/flowsta-agent-linking" }

# coordinator/Cargo.toml
[dependencies]
flowsta-agent-linking-coordinator = { git = "https://github.com/WeAreFlowsta/flowsta-agent-linking" }

The zomes provide:

• create_direct_link - Commit identity attestation
• get_linked_agents - Query linked agents
• are_agents_linked - Check if two agents are linked
• revoke_link - Revoke a link

Detailed zome reference

CAL Compliance

All Holochain apps are licensed under the Cryptographic Autonomy License (CAL), which requires that users can access their data and cryptographic keys. Flowsta Vault makes CAL compliance easy — integrate auto-backups so users can export their data at any time:

import { startAutoBackup } from '@flowsta/holochain';

startAutoBackup({
  clientId: 'flowsta_app_abc123',
  appName: 'YourApp',
  getData: async () => ({ /* your app data */ }),
});

Next Steps

• Building Holochain Apps - Step-by-step integration
• Agent Linking - Attestation mechanics
• @flowsta/holochain SDK - Backup API reference
• Holochain Architecture - How Flowsta's infrastructure works