The following are some best practices for integrating your application with Login with Unstoppable.
In addition to logging in with the controlling Ethereum or Polygon wallet, the UAuth service allows users to login using certain verified accounts associated with the domain's ud.me profile, such as a Solana wallet address. You can check which account was used to authorize the login session using the getAuthorizationAccount() method.
// In the login handler const authorization = await uauth.loginWithPopup(); const account = uauth.getAuthorizationAccount(authorization);
// On the callback page const response = await uauth.loginCallback(); const account = uauth.getAuthorizationAccount(response.authorization);
const authorization = await uauth.authorization(); const account = uauth.getAuthorizationAccount(authorization);
This will return a VerifiedAddress describing the account used. For a standard Unstoppable Login, this will be the wallet address that owns the domain.
Before launching your application, you should verify the login flow that users will experience and ensure that correct scopes are being requested from users. In the last modal screen shown below, only the minimum scopes are being requested by the application: openID, wallet, and email.
The modals are further described below:
- Modal 1. User clicks on Login with Unstoppable Button.
- Modal 2. A modal is displayed which allows the user to begin the authorization process by entering their Unstoppable domain.
- Modal 3. During login, the user will see the resolved address and the information being requested by the application (i.e. the scopes). The user must sign the transaction using their wallet address in order to share their information with the dApp.
Your integration will need Unstoppable Domains branded login buttons. See the table below for style guidelines.
Or you can download the full set of default Login With Unstoppable buttons.