Blockstack auth-redirect via domain name in iOS App


First time blockstack dev here and I am trying to follow the instructions given here to authenticate in an iOS app. I have installed the the “webapp” given as example, however, I am a bit lost here, probably due to the lack of understanding of core Blockstack architecture.

My web app is running on my laptop’s localhost, if I want to hit this app from my phone’s browser or an app, I will need to give the app my local IP address? That will help in authenticating through blockstack?

How can we “register” the domain name and end point like myblockstackapp://? Is it registered somewhere or it’s just an arbitrary name we assign ourselves?

From another forum thread thread and through multiplayer tutorial I gather that we need a .id domain for the “app”? or is it for ourselves?

How come all the other apps are running on .com TLD like:

To sum it up, if I host the “webapp” given as example on a server under a centralized TLD like .com and hit my app using that URL in the browser and ask the user to go through auth and redirect back to the app? But how do I hit myblockstackapp:// from that app for a URL?

Sorry, if its a confusing thread but I am that confused :slight_smile: If there is any documentation or video or tutorial I can follow that will be wonderful. I have searched, couldn’t find any, will be happy to create one if someone could just explain the domain name and auth-redirect for me.



The problem with authenticating the user for an app running on localhost is that the Blockstack browser webapp at is on https and your local webapp is not. The browser (Safari) will refuse to load the app manifest file and authentication will fail.

If you want to run a local webapp, you’ll also need to run the Blockstack browser locally as well.

The alternative to that is to host your webapp on a public server and enable https.

You have to configure the URL scheme settings in your iOS app to handle the protocol.

The username is for yourself, not the app. You can now register a sponsored username for free using the latest version of the Blockstack browser.

1 Like

Thanks for the hints, I got the example app working.

Just to be clear once again, we don’t need to register apps anywhere and can just work with our url redirect schema?

Many thanks,

1 Like

this is not clear to me as well. for example I’m using for my app. after one year, I decided to change my domain like what will happen? am I gonna lose all user data on Gaia which related with my app? @yukan

also as he said, domains are centralized. Today, we are not building properly decentralized apps tho’

1 Like

from the whitepaper;

Am I wrong?


1 Like

I think when saying the app is ‘decentralized’ it’s really important to have a brief explanation of what that means. We tried to do that with Stealthy for our Show HN post because the current trend is for people to really ask ‘how decentralized is this?’

Specifically, Stealthy offline messaging services and WebRTC are fully decentralized. The discovery process has a centralized introduction process that occurs once when you add a contact if you have that feature enabled.

Another important nuance is context. For instance you might say that using Microsoft Azure is not decentralizing storage, but when you look at it through the lens of “the product developer/company does not own my data and I have decentralized storage of that data away from them and the app”, it changes things. For many people, it seems decentralized storage only means storage on a multitude of servers not owned or controlled by a single entity.


Yes, WebRTC good choice. But still, you need to use a centralized server like stun, turn or whatever it is as you said. There is a good challenge to solve. (Maybe you can broadcast platform data from user to user, I’ve suggested that in the contribute pages)

In place, GAIA uses big cloud providers because they have %99.9 uptime. it sounds scary to me. to be honest, yeah this isn’t decentralized, easy to tell. even more than, “the new internet” can be dead in 10 years because of the “AWS Bills”. it doesn’t make sense bru.

it’s working. As a developer, I respect that.

if Blockstack doing MVP, It’s OK. Cause they can create a fully decentralized solution and move the static data to the peers in the future. Must be easy to replace I think.

My question was, if I change the app domain, users will lose their data from GAIA? And what’s the solution for that?

That’s somewhat true — I wrote up a bit of discussion about that behavior, and some mitigation strategies that could be pursued here: Per-App Private Keys and Gaia Storage and Future Strategies