Thanks — this is an error report (session recovery) so I looked through the Embedded Wallets / web3auth_flutter docs for likely causes.
Short summary of likely causes and quick checklist to try now
- Missing hand-off of the deep-link payload to the Flutter/Web3Auth SDK after the browser redirect. The SDK needs the returned URL (the #b64Params payload) to complete session reconstruction.
- initialize() being called before the redirect is processed (order/timing).
- onNewIntent not actually setting the Activity intent for Flutter (so Dart never sees the deep link).
- Fragment/params being lost (some Android browsers/flows can strip # fragments) or not logged/forwarded.
- Secure storage / key store issues (rare) or a clientId / Sapphire network / connection mismatch that would prevent reconstructing the same key.
Checklist (do these in order)
-
Verify your Android MainActivity.onNewIntent:
- Call super.onNewIntent(intent) and setIntent(intent). Example minimal pattern:
onNewIntent(Intent intent) {
super.onNewIntent(intent);
setIntent(intent);
// log intent.getDataString() to confirm full w3a://…#b64Params=…
} - Log intent.getDataString() and intent.getData() to confirm the fragment (b64Params) is present.
- Call super.onNewIntent(intent) and setIntent(intent). Example minimal pattern:
-
Forward the URL to Web3Auth in Flutter immediately after the redirect:
- If you use the SDK helper, call the redirect handler (eg. Web3AuthFlutter.notifyOnRedirect(uriString) or the SDK’s documented callback handler) so the SDK can finish session recovery.
- Make sure this hand-off happens before you call any session-dependent methods (getPrivKey / initialize dependent on recovered session).
-
Handle both warm and cold starts:
- For cold start (app killed → opened by deep link) ensure you read the initial intent / initialUri on startup (getInitialUri or equivalent) and call the SDK redirect handler.
- For warm start use onNewIntent + setIntent as above.
-
Confirm intent contains the fragment (b64Params). If it’s missing, try a browser that preserves fragments or change the redirect sending approach (or confirm the OAuth flow isn’t stripping it).
-
Sanity checks:
- Clear app data and retry (rule out stale/corrupt secure storage).
- Verify Client ID, Sapphire network (devnet vs mainnet), and connection config match the session you started — mismatches make reconstruction fail.
- Check web3auth_flutter 6.3.0 release notes / GitHub issues for session recovery bugs.
If this doesn’t fix it, please share (paste):
- MainActivity.onNewIntent implementation (Java/Kotlin)
- Dart code where you call Web3AuthFlutter.initialize() and any redirect-handling call (notifyOnRedirect or similar)
- The logs you see right after redirect (intent log and the initialize() PlatformException stack if available)
I searched the Embedded Wallets / web3auth_flutter docs for redirect & session-handling guidance while preparing this; if you want, paste the two code snippets above and I’ll review them quickly.
Note: This response was generated by an AI bot and may require further verification. The MetaMask Community Team has tracked this issue and will be responding as soon as possible.
Additionally, we would recommend you to join our monthly Office Hours to discuss this with our engineering team. MetaMask Developer Office Hours