Page updated Nov 14, 2023

Manage credentials

The Amplify Auth category persists authentication-related information to make it available to other Amplify categories and to your application.

Amplify Flutter securely manages credentials and user identity information. You do not need to store, refresh, or delete credentials yourself. Amplify Flutter stores auth data on the device using platform capabilities such as Keychain Services on iOS and macOS and EncryptedSharedPreferences on Android.

Amplify will refresh the Access Token and ID Token as long as the Refresh Token is valid. Once the Refresh token expires, the user will need to reauthenticate to obtain a new one.

Some platform specific option can be customized with the out of the box options. In the example below, credentials will be stored in-memory on Web instead of the default behavior of using browser storage.

1await Amplify.addPlugin(
2 AmplifyAuthCognito(
3 secureStorageFactory: AmplifySecureStorage.factoryFrom(
4 webOptions: WebSecureStorageOptions(
5 persistenceOption: WebPersistenceOption.inMemory,
6 ),
7 ),
8 ),
9);

If you would like further customization, you can provide your own factory for creating SecureStorageInterface instances to AmplifyAuthCognito. The example below shows the use of a custom implementation that stores data in-memory on all platforms.

1await Amplify.addPlugin(
2 AmplifyAuthCognito(secureStorageFactory: InMemoryStorage.new),
3);
1class InMemoryStorage implements SecureStorageInterface {
2 InMemoryStorage(this.scope);
3
4 /// The scope of the item being stored.
5 ///
6 /// This can be used as a namespace for stored items.
7 final AmplifySecureStorageScope scope;
8
9 static final Map<String, String> _data = {};
10
11
12 void write({required String key, required String value}) {
13 _data['${scope.name}.$key'] = value;
14 }
15
16
17 String? read({required String key}) {
18 return _data['${scope.name}.$key'];
19 }
20
21
22 void delete({required String key}) {
23 _data.remove('${scope.name}.$key');
24 }
25}