Docs Menu

Email/Password Users - Flutter SDK

On this page

With Atlas App Services's email/password authentication provider, you can register a new account, confirm an email address, and reset a user's password from client code.

  1. Create an Atlas App Services app.
  2. Before you begin writing client code, you should understand the different email/password authentication flows that App Services provides, and configure the backend implementation for your application. App Services has a variety of ways to confirm email/password user identities and reset user passwords. Learn more about, enable, and configure App Services email/password authentication.
  1. Create a new EmailPasswordAuthProvider instance with your App instance as the argument.
  2. Invoke EmailPasswordAuthProvider.registerUser(), passing the user's email and password as arguments.
EmailPasswordAuthProvider authProvider = EmailPasswordAuthProvider(app);
await authProvider.registerUser("", "myStr0ngPassw0rd");

Registering a user does not also log that user in. You must log the user in separately.

  1. Create an email/password credential by calling Credentials.emailPassword() with the user's email and password.
  2. Pass the generated credential to app.logIn.
Credentials emailPwCredentials =
Credentials.emailPassword("", "myStr0ngPassw0rd");
await app.logIn(emailPwCredentials);

Once you register a new email/password user, you must confirm the email address unless you configure App Services to automatically confirm users.

If you configure App Services to use a custom function for email address confirmation, handle user confirmation with the logic of your custom function's flow. The App Services backend invokes the custom function when the user registers.

You only need to send a confirmation email if you configure Atlas App Services to handle user confirmation with an email.

To confirm a newly-created user, pass a confirmation token and tokenId to EmailPasswordAuthProvider.confirmUser(). These are included in the email sent to the user's email address when they register.

EmailPasswordAuthProvider authProvider = EmailPasswordAuthProvider(app);
await authProvider.confirmUser(token, tokenId);
Use Deep Links in Flutter Apps

Mobile applications can handle email confirmation directly in the app by configuring deep linking.

The SDK provides methods to resend user confirmation emails or retry custom confirmation.

Use this user confirmation method if you've configured the App Services backend to retry a custom user confirmation function.

To retry a confirmation function, pass the email used in sign up to EmailPasswordAuthProvider.retryCustomConfirmationFunction().

EmailPasswordAuthProvider authProvider = EmailPasswordAuthProvider(app);
await authProvider.retryCustomConfirmationFunction("");

Use this user confirmation method if you've configured the App Services backend to resend a confirmation email. Email/password URLs expire after 30 minutes, so users who do not visit within that period need new emails to confirm their accounts.

To resend a confirmation email, pass the email used in sign up to EmailPasswordAuthProvider.resendUserConfirmation().

EmailPasswordAuthProvider authProvider = EmailPasswordAuthProvider(app);
await authProvider.resendUserConfirmation("");

To reset a user password with App Services, you can either:

  • Run a password reset function
  • Send a password reset email

To select which of these methods to use in your app, configure the App Services authentication password reset behavior.

If you have defined a backend function to reset the user's password, you pass the user's email address, the new password, and optional Map of custom arguments to EmailPasswordAuthProvider.callResetPasswordFunction().

// The password reset function takes any number of
// arguments. You might ask the user to provide answers to
// security questions, for example, to verify the user
// should be able to complete the password reset.
final args = [
"Snowball II",
"Springfield Elementary School",
EmailPasswordAuthProvider authProvider = EmailPasswordAuthProvider(app);
await authProvider.callResetPasswordFunction(
"", "n3wSt0ngP4ssw0rd!",
functionArgs: args);

To send a password reset email, pass the email used in sign up to EmailPasswordAuthProvider.resetPassword().

EmailPasswordAuthProvider authProvider = EmailPasswordAuthProvider(app);
await authProvider.resetPassword("");

Password reset emails contain two values, token and tokenId. To complete the password reset flow, you can reset the user's password on the client or by calling a custom function on the backend.

To reset the password on the client, your UI should prompt the user to enter a new password and the token and tokenId values. You pass these values to EmailPasswordAuthProvider.completeResetPassword().

EmailPasswordAuthProvider authProvider = EmailPasswordAuthProvider(app);
await authProvider.completeResetPassword(
"n3wSt0ngP4ssw0rd!", token, tokenId);

To access the token and tokenId values sent in the password reset email, you can use a custom password reset email containing a deep link.

←  Authenticate Users - Flutter SDKWork with Multiple Users - Flutter SDK →
Give Feedback
© 2022 MongoDB, Inc.


  • Careers
  • Investor Relations
  • Legal Notices
  • Privacy Notices
  • Security Information
  • Trust Center
© 2022 MongoDB, Inc.