When a user successfully logged-in, Cotter will generate an access_token , an id_token , and a refresh_token that you can use in your backend API.

The SDK automatically stores these tokens in the device's secure storage.

Getting The Tokens

Cotter cotter = new Cotter(apiKeyID: API_KEY_ID);
try {
  var accessToken = await cotter.getAccessToken();
  var idToken = await cotter.getIDToken();
  var refreshToken = await cotter.getRefreshToken();
} catch (e) {
  print(e);
}

This function will automatically refresh the access_token and id_token if it's expired.

OAuth Token Specification