Skip to main content
Dynamic provides built-in authentication methods that handle the entire flow from user-facing UI to JWT issuance. No external auth infrastructure is required — enable the methods you want in the dashboard and the SDK handles the rest. Each method below links to specific SDK implementation guides for JavaScript, React, React Native, Swift, Kotlin, and Flutter.

Email

A one-time passcode (OTP) or magic link is sent to the user’s email address. The user enters the code (or clicks the link), the SDK verifies it with Dynamic’s backend, and a JWT is issued.

JavaScript

React

React Native

Swift

Kotlin

Flutter

SMS

A one-time passcode is sent to the user’s phone number. The user enters the code, the SDK verifies it, and a JWT is issued.

JavaScript

React

React Native

Swift

Kotlin

Flutter

Web3 wallets

The user connects an external wallet (MetaMask, Phantom, Coinbase Wallet, etc.) and signs a message to prove ownership. After the signature is verified, Dynamic issues a JWT.

JavaScript

React

React Native

Swift

Kotlin

Flutter

Social login

The user authenticates via an OAuth provider (Google, Discord, Apple, GitHub, X/Twitter, etc.). The SDK redirects to the provider, handles the callback, and issues a JWT. For provider setup and configuration, see Social Providers.

JavaScript

React

React Native

Swift

Kotlin

Flutter

Passkey (sign-in only)

The user authenticates using a passkey via WebAuthn. Passkey sign-in is supported as a primary authentication method. Passkey registration is supported as an MFA method.

JavaScript

React

React Native

Swift

Kotlin

Flutter

Instead of returning the JWT for in-app storage (e.g. localStorage), Dynamic can set a secure, HttpOnly cookie containing a minified JWT. The browser (or applicable client) sends the cookie automatically on same-origin requests, reducing XSS risk and enabling cross-subdomain sessions. For setup steps, verification checklist, and how it works, see Cookie-based authentication.

React

React Native

JavaScript

What happens after authentication

After a JWT is issued, additional steps may follow depending on your configuration:
  • Information capture: If you require fields like email, alias, or username, the user is prompted to complete them before being fully logged in. See your SDK’s information capture docs.
  • Embedded wallet creation: If enabled, embedded wallets are created after authentication (not during). The user may be authenticated before the wallet is ready. See Embedded Wallets.
  • MFA: If required, the user completes multi-factor authentication to upgrade their JWT scope. See MFA.
  • Access control: Dynamic evaluates access lists and gates during authentication to determine whether the JWT is issued and what scopes it contains.