Flowsta AuthAuthentication for the Decentralized Web

Quick Example ​

import { FlowstaAuth } from '@flowsta/auth';

// Initialize the SDK
const auth = new FlowstaAuth({
  clientId: 'your_client_id',
  redirectUri: 'https://yourapp.com/auth/callback'
});

// Redirect to Flowsta login
auth.login();

// On your callback page
const user = await auth.handleCallback();
console.log('Welcome,', user.displayName);
console.log('Username:', user.username);
console.log('DID:', user.did);

Why Flowsta Auth? ​

Traditional authentication services like Auth0 and Firebase store your user data in centralized databases. If their servers go down or get compromised, your users lose access.

Flowsta Auth is different:

• 🔓 Zero-Knowledge Privacy - Flowsta staff physically cannot access user private data
• 🆔 W3C DIDs - Every user gets a standards-compliant Decentralized Identifier
• 🌐 True Single Sign-On - One account works across all Flowsta partner sites
• 🔒 User-owned data - Users control their own encryption keys, not us
• 🚫 No client secrets needed - PKCE provides security for browser/mobile apps
• 🌍 Always available - Distributed network means no single point of failure

Perfect for applications that need:

• Zero-knowledge privacy where even the service provider can't access data
• W3C-compliant DIDs for verifiable credentials and decentralized identity
• Cross-platform SSO with portable, self-sovereign identities
• Simple OAuth integration without managing secrets

User Data You Receive ​

When users authenticate, you receive:

interface FlowstaUser {
  id: string;           // Unique user ID
  email?: string;       // Email (if 'email' scope granted)
  username?: string;    // Username (if set by user)
  displayName?: string; // Display name
  profilePicture?: string;
  agentPubKey?: string; // Holochain agent public key
  did?: string;         // W3C Decentralized Identifier
}

Ready to Get Started? ​