← Back to Docs

OAuth Configuration

Set up AniList OAuth authentication for your app

The Challenge

AniList OAuth requires different redirect URIs for different platforms:

  • Mobile (Android/iOS): Custom URI scheme like yourapp://auth
  • Desktop (Windows/macOS/Linux): Localhost like http://localhost:8080/auth
  • Web: Your domain like https://yourdomain.com/auth/callback

⚠️ Problem: Managing multiple OAuth redirect URIs across platforms can be complex and error-prone.

The Solution: Web-Based OAuth Gateway

MiyoList uses a unified web-based OAuth flow that works across all platforms:

  1. 1. User clicks "Sign In" in your Flutter app
  2. 2. App opens https://miyo.my/auth/login in browser
  3. 3. User authorizes on AniList
  4. 4. AniList redirects to https://miyo.my/auth/callback?code=xxx
  5. 5. Callback page displays the code
  6. 6. App extracts code (via HTTP server or manual entry)
  7. 7. App exchanges code for access token

✅ Benefits: Single redirect URI, consistent UX, works on all platforms, easier maintenance

Step 1: Register AniList App

Create your own AniList API client:

  1. 1.
  2. 2.
    Click "Create New Client"
  3. 3.
    Fill in the form:
    Name:
    Your app name (e.g., "MyAniListApp")
    Redirect URI:
    https://yourdomain.com/auth/callback
    Replace with your actual domain
  4. 4.
    Copy your Client ID - you'll need it in your app

Step 2: Deploy Web OAuth Gateway

You can either use MiyoList's gateway or deploy your own:

Option A: Use MiyoList Gateway

Use our hosted gateway at https://miyo.my

Redirect URI: https://miyo.my/auth/callback

Option B: Deploy Your Own

Clone the website repository and deploy to Vercel/Netlify:

git clone https://github.com/Baconana-chan/miyomy.git
cd miyomy && npm install
npm run build

Deploy to Vercel:

vercel --prod

Step 3: Update Flutter App

Update your app constants with your Client ID and redirect URI:

lib/core/constants/app_constants.dart

class AppConstants {
  // Your AniList Client ID
  static const String clientId = 'YOUR_CLIENT_ID';
  
  // Your web OAuth gateway URL
  static const String webAuthUrl = 'https://miyo.my/auth/login';
  static const String redirectUri = 'https://miyo.my/auth/callback';
}

Step 4: Choose Implementation Method

There are several ways to extract the OAuth code:

A

HTTP Server (Desktop)

Best for Windows/macOS/Linux apps

Recommended
Show code example 
import 'dart:io';
import 'package:url_launcher/url_launcher.dart';

Future<String?> signInWithOAuth() async {
  // Start local server on port 8080
  final server = await HttpServer.bind(InternetAddress.loopbackIPv4, 8080);
  
  // Open web auth in browser
  final authUrl = 'https://miyo.my/auth/login';
  await launchUrl(Uri.parse(authUrl));
  
  // Wait for redirect with code
  await for (final request in server) {
    final params = request.uri.queryParameters;
    if (params.containsKey('code')) {
      final code = params['code'];
      request.response.write('Success! You can close this window.');
      await request.response.close();
      await server.close();
      return code;
    }
  }
  return null;
}
B

Deep Links (Mobile)

Best for Android/iOS apps

Configure your app to handle yourapp://auth?code=xxx deep links

Show setup instructions

Add to android/app/src/main/AndroidManifest.xml:

<intent-filter>
  <action android:name="android.intent.action.VIEW" />
  <category android:name="android.intent.category.DEFAULT" />
  <category android:name="android.intent.category.BROWSABLE" />
  <data android:scheme="yourapp" />
</intent-filter>
C

Manual Entry (Fallback)

Universal fallback method

Show a dialog where user manually copies and pastes the code from the callback page

Step 5: Exchange Code for Token

Once you have the authorization code, exchange it for an access token: 

Future<String?> exchangeCodeForToken(String code) async {
  final response = await http.post(
    Uri.parse('https://anilist.co/api/v2/oauth/token'),
    headers: {'Content-Type': 'application/json'},
    body: jsonEncode({
      'grant_type': 'authorization_code',
      'client_id': AppConstants.clientId,
      'redirect_uri': AppConstants.redirectUri,
      'code': code,
    }),
  );

  if (response.statusCode == 200) {
    final data = jsonDecode(response.body);
    return data['access_token'];
  }
  return null;
}

Testing Your Setup

  1. 1. Run your app and click "Sign In"
  2. 2. Browser should open to your OAuth gateway
  3. 3. Click "Continue with AniList"
  4. 4. Authorize your app
  5. 5. Code should be extracted and exchanged for token
  6. 6. User should be logged in!

🎉 OAuth Setup Complete!

Your app can now authenticate users with AniList. Next steps:

🔌 API Integration

Learn to work with AniList GraphQL API

🏗️ Architecture

Understand the codebase structure