Skip to main content
A completed wallet session combines a selected wallet, credential expiry, and authentication metadata. Protected wallet operations require this active session.

Restore the completed session

The native SDK persists completed sessions. Reuse the single OMSWallet instance with the same publishable key when the app starts, then read its state:
OMSWalletSessionState contains: Email metadata contains type: 'email' and email. OIDC metadata contains type: 'oidc', flow: 'id-token' | 'redirect', issuer, and optional provider, label, and email values. Use getWalletAddress() when you only need the selected address:

Observe expiration

Subscribe where your application owns wallet-session state and remove the subscription during cleanup:
The SDK replays the latest expiration event to a listener that subscribes after native expiration. Starting or completing a new authentication flow clears that replay.

List and activate wallets

An access credential can have multiple wallets. useWallet changes the selected wallet for the active session:
Create and activate another wallet with an optional application reference:
Wallet listing, switching, and creation require an active credential. They do not repeat authentication.

Issue a wallet ID token

A wallet ID token is short-lived proof for the currently active wallet. It is not the provider ID token used to authenticate and it is not the access credential that authorizes wallet API calls.
Send the token to your backend over HTTPS and verify it there. See backend wallet verification.

Inspect access credentials

Access credentials authorize wallet operations and have their own IDs and expiry timestamps. isCaller identifies the credential currently authorizing the list request. For a short list:
Iterate every page when you need the complete list:
Use listAccessPage when your UI owns cursor pagination. Omit cursor for the first page, then pass the returned cursor when it is defined:

Revoke access safely

Check isCaller before revocation. Revoking the caller removes the credential being used for the request and can end the current app’s ability to perform protected operations.

Sign out

Sign-out clears the active local wallet session. It does not revoke other credentials. Use revokeAccess to remove access from another credential.