{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":["admonition","tabs","tab"]},"redocly_category":"Guides","product":"Fraud Prevention","type":"markdown"},"seo":{"title":"Flutter plugin quick start","description":"Everything about Mosaic Journeys, SDKs, and APIs","siteUrl":"https://developer.transmitsecurity.com/","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"flutter-plugin-quick-start","__idx":0},"children":["Flutter plugin quick start"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This guide describes how to integrate Fraud Prevention into your Flutter application. It helps you set up the Mosaic Flutter plugin, enabling you to enhance your mobile applications' security with Fraud Prevention services."]},{"$$mdtype":"Tag","name":"Admonition","attributes":{"type":"info","name":"Note"},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Client-side integrations are recommended for POCs and testing. For production environments, consider implementing ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/quick_start_backendapi"},"children":["Backend integration"]},". Learn more about integration options: ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/integration_clientside_vs_backend"},"children":["Client-side integration vs Backend integration"]},"."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"how-it-works","__idx":1},"children":["How it works"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The flow starts with the user navigating to the app (1). The plugin gets initialized and starts sending telemetry to Mosaic (2). When a user performs an action, for example, clicks a login button (3), the plugin triggers an action event (4) and obtains an action token (5) which then forwards to the backend (6). Having received an action token, the application backend uses it to fetch recommendation from Mosaic (7 & 8) and instructs the client to act accordingly (9) in order to complete the login procedure (10). Upon successful login, the client sets the user (11)."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"img","attributes":{"src":"/assets/drs-integrations.e8bd6c270c3421cd094a28293ef02bbedc1ec768e8b114e37ca9db8266381857.e95a590b.png","alt":""},"children":[]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"requirements","__idx":2},"children":["Requirements"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Flutter 3.0.0 or higher"]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["iOS 13.0 or higher"]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Android API level 24 (Android 7.0) or higher"]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Dart 2.17.0 or higher"]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"before-you-start","__idx":3},"children":["Before you start"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Ensure that ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Fraud Prevention"]}," is enabled as the risk engine for your tenant. Identity Threat Protection and Fraud Prevention are mutually exclusive—contact your Customer Success Manager to enable the appropriate engine."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"step-1-get-client-credentials","__idx":4},"children":["Step 1: Get client credentials"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge-wrapper"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge"},"children":["Admin Portal"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Client credentials are used to identify your app and generate access tokens for authorizing Mosaic requests. To obtain them, you'll need to create an application in the ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"https://portal.transmitsecurity.io/"},"children":["Admin Portal"]}," (if you don't have one yet)."]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["From ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Applications"]},", click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Add application"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Add the friendly application name to display in the Admin Portal."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Add an OIDC client, specify the client secret as an authentication method, and your website URL as a redirect URI (e.g., ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://your-domain.com"]},")."]}]},{"$$mdtype":"Tag","name":"Admonition","attributes":{"type":"info","name":"Note"},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["These fields are required for all Mosaic apps, but won't be used for Fraud Prevention."]}]},{"$$mdtype":"Tag","name":"ol","attributes":{"start":4},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Add"]}," to create your application. This will automatically generate your client credentials."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"step-2-install-the-plugin","__idx":5},"children":["Step 2: Install the plugin"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge-wrapper"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge"},"children":["Client"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Add the Mosaic Flutter plugin to your ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["pubspec.yaml"]},":"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"yaml","header":{"controls":{"copy":{}}},"source":"dependencies:\n  flutter_ts_account_protection:\n    git:\n      url: https://github.com/TransmitSecurity/flutter_ts_account_protection.git\n      ref: 1.0.0\n","lang":"yaml"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Then run:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"bash","header":{"controls":{"copy":{}}},"source":"flutter pub get\n","lang":"bash"},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"step-3-configure-the-plugin","__idx":6},"children":["Step 3: Configure the plugin"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge-wrapper"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge"},"children":["Client"]}]},{"$$mdtype":"Tag","name":"Tabs","attributes":{"size":"medium"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"label":"Android","disable":false},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"add-maven-repository","__idx":7},"children":["Add Maven repository"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Add the Transmit Security Maven repository to your module-level ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["android/build.gradle"]},":"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"gradle","header":{"controls":{"copy":{}}},"source":"allprojects {\n    repositories {\n        google()\n        mavenCentral()\n        maven {\n            url \"https://transmit.jfrog.io/artifactory/transmit-security-gradle-release-local/\"\n        }\n    }\n}\n","lang":"gradle"},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"update-buildgradle","__idx":8},"children":["Update build.gradle"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["In your ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["android/app/build.gradle"]},", set the minimum SDK version:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"gradle","header":{"controls":{"copy":{}}},"source":"android {\n    compileSdkVersion 34\n    defaultConfig {\n        minSdkVersion 21\n        targetSdkVersion 34\n    }\n}\n","lang":"gradle"},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"update-androidmanifestxml","__idx":9},"children":["Update AndroidManifest.xml"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Add to your ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["android/app/src/main/AndroidManifest.xml"]},":"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"xml","header":{"controls":{"copy":{}}},"source":"<uses-permission android:name=\"android.permission.INTERNET\" />\n","lang":"xml"},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"update-stringsxml","__idx":10},"children":["Update strings.xml"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Add to ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["android/app/src/main/res/values/strings.xml"]},":"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"xml","header":{"controls":{"copy":{}}},"source":"<resources>\n    <!-- Mosaic Credentials -->\n    <string name=\"transmit_security_client_id\">\"CLIENT_ID\"</string>\n    <string name=\"transmit_security_base_url\">https://api.transmitsecurity.io/risk-collect/</string>\n</resources>\n","lang":"xml"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Use the appropriate base URL for your environment:"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Environment"},"children":["Environment"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Base URL"},"children":["Base URL"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["US"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.transmitsecurity.io/risk-collect/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["EU"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.eu.transmitsecurity.io/risk-collect/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Canada"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.ca.transmitsecurity.io/risk-collect/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Australia"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.au.transmitsecurity.io/risk-collect/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Custom domain"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://<your_custom_domain>/risk-collect/"]}]}]}]}]}]}]},{"$$mdtype":"Tag","name":"div","attributes":{"label":"iOS","disable":false},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The iOS SDK requires iOS 13.0 or higher. The native SDK is included via Swift Package Manager—no additional configuration is required."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"create-transmitsecurityplist","__idx":11},"children":["Create TransmitSecurity.plist"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Create a file named ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["TransmitSecurity.plist"]}," in ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["ios/Runner/"]}," and add the following content:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"xml","header":{"controls":{"copy":{}}},"source":"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n    <key>clientId</key>\n    <string>[CLIENT_ID]</string>\n    <key>baseUrl</key>\n    <string>https://api.transmitsecurity.io/risk-collect</string>\n</dict>\n</plist>\n","lang":"xml"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Use the appropriate base URL for your environment:"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Environment"},"children":["Environment"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Base URL"},"children":["Base URL"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["US"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.transmitsecurity.io/risk-collect/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["EU"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.eu.transmitsecurity.io/risk-collect/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Canada"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.ca.transmitsecurity.io/risk-collect/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Australia"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.au.transmitsecurity.io/risk-collect/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Custom domain"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://<your_custom_domain>/risk-collect/"]}]}]}]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"step-4-initialize-the-plugin","__idx":12},"children":["Step 4: Initialize the plugin"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge-wrapper"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge"},"children":["Client"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Import the package and create an instance of the plugin:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"import 'package:flutter_ts_account_protection/flutter_ts_account_protection.dart';\n\nfinal accountProtection = FlutterTsAccountProtection();\n","lang":"dart"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Initialize the plugin when your app starts. Choose one of the following options:"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Option A: Simple initialization (recommended)"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Uses the platform-specific configuration files created in ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"#step-3-configure-the-plugin"},"children":["Step 3"]},":"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"await accountProtection.initializeSDK();\n","lang":"dart"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Option B: Initialize with explicit parameters"]}]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"await accountProtection.initialize(\n  'CLIENT_ID',\n  'https://api.transmitsecurity.io/risk-collect/',\n  configuration: TSInitSDKConfiguration(\n    enableLocationEvents: true,\n  ),\n);\n","lang":"dart"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The optional configuration object accepts the following properties:"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Property"},"children":["Property"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Type"},"children":["Type"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["enableLocationEvents"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["bool"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Enables reporting device location during plugin initialization and when the app moves to the foreground. Default: ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["false"]},". The user must consent to sharing location in advance (see ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/report_geolocation"},"children":["Track geolocation"]},")."]}]}]}]}]},{"$$mdtype":"Tag","name":"Admonition","attributes":{"type":"info","name":"Backend integration"},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Start a plugin session and obtain a device session token after plugin initialization and prior to triggering events, and persist it on your backend. This step is optional for client-side integration but ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["strongly recommended"]}," as it allows you to transition to the ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/quick_start_backendapi"},"children":["backend integration"]},"—a device session token is needed to trigger events from the backend and binds the user's interactions to their device."]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"final sessionToken = await accountProtection.getSessionToken();\n","lang":"dart"},"children":[]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"step-5-wire-navigation-observer","__idx":13},"children":["Step 5: Wire navigation observer"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge-wrapper"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge"},"children":["Client"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Page-load telemetry is captured through the plugin's built-in navigation observer. If you do not wire this observer, page-load events will not be collected."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Attach ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["DrsCore.navigationObserver"]}," to your app's navigator:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"import 'package:flutter/material.dart';\nimport 'package:flutter_ts_account_protection/flutter_ts_account_protection.dart';\n\nclass MyApp extends StatelessWidget {\n  const MyApp({super.key});\n\n  @override\n  Widget build(BuildContext context) {\n    return MaterialApp(\n      home: const HomePage(),\n      navigatorObservers: [DrsCore.navigationObserver],\n    );\n  }\n}\n","lang":"dart"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["If your app uses a router package, attach ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["DrsCore.navigationObserver"]}," to the router's navigator observers in the same way."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"step-6-use-the-flutter-plugin","__idx":14},"children":["Step 6: Use the Flutter plugin"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge-wrapper"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge"},"children":["Client"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The example below demonstrates triggering a login event from a login button, setting and clearing a user."]},{"$$mdtype":"Tag","name":"Admonition","attributes":{"type":"info","name":"Note"},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For an alternative approach that directly utilizes our backend API instead, refer to our ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/quick_start_backendapi#step-4-trigger-actions"},"children":["Backend API implementation"]}," guide."]}]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["triggerAction()"]}," receives an action type and returns a response that includes the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["actionToken"]}," that you should pass to the backend. To obtain risk recommendations for sensitive actions, your application should report these actions. To do this, add the code below to relevant user interactions (such as the Login button tap handler). The plugin allows reporting on events with specific action types. Replace ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["[ACTION_TYPE]"]}," with the appropriate action type from our ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/recommendations"},"children":["list of actions"]},"."]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To improve Fraud Prevention, optionally pass the correlation ID, and claimed user ID and its type (for users that haven't authenticated yet)."]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To report precise device location, add ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["locationConfig"]}," to the call (the user has to consent to sharing location in advance, see ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/report_geolocation"},"children":["Track geolocation"]},")."]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["customAttributes"]}," is an optional map that adds context to an action but must match the schema defined in the Portal. Invalid attributes are ignored (see ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/action-attributes"},"children":["Custom attributes"]},")."]}]}]}]}]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"import 'package:flutter_ts_account_protection/flutter_ts_account_protection.dart';\n\nfinal accountProtection = FlutterTsAccountProtection();\n\nvoid handleTriggerActionLogin() async {\n  final result = await accountProtection.triggerAction(\n    TSAction.login.name,\n    options: TSActionEventOptions(\n      correlationId: 'CORRELATION_ID',\n      claimedUserId: '91e25bea0c...', // hashed email\n      claimedUserIdType: TSClaimedUserIdType.email,\n      referenceUserId: 'REFERENCE_USER_ID',\n    ),\n    locationConfig: TSLocationConfig(\n      mode: 'default',\n    ),\n    customAttributes: {\n      'userLevel': 'premium',\n    },\n  );\n  final actionToken = result.actionToken;\n  print('Action Token: $actionToken');\n}\n","lang":"dart"},"children":[]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["setAuthenticatedUser()"]}," sets the user context for all subsequent events for the session (or until the user is explicitly cleared). It should be called only after you've fully authenticated the user (including, for example, any 2FA that was required). For the complete list of action types, see our ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/guides/risk/recommendations#action-types"},"children":["recommendations"]}," page."]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"await accountProtection.setAuthenticatedUser(username);\n","lang":"dart"},"children":[]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["clearUser()"]}," clears the user context for all subsequent events in the mobile session. The user gets automatically cleared once the session expires or in case of a login action."]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"await accountProtection.clearUser();\n","lang":"dart"},"children":[]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["getSessionToken()"]}," returns a session token needed for triggering events from the backend."]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"dart","header":{"controls":{"copy":{}}},"source":"final sessionToken = await accountProtection.getSessionToken();\n","lang":"dart"},"children":[]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"step-7-fetch-recommendations","__idx":15},"children":["Step 7: Fetch recommendations"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge-wrapper"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"className":"badge"},"children":["Backend"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["You can fetch recommendations for the reported action using the ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/openapi/risk/recommendations.openapi/other/getriskrecommendation"},"children":["Recommendation API"]},". This is the same API that's also used for mobile integrations."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Mosaic APIs are authorized using an OAuth access token so you'll need to fetch a token using your client credentials (from Step 1). To do this, send the following request:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"javascript","header":{"controls":{"copy":{}}},"source":"const resp = await fetch(\n  `https://api.transmitsecurity.io/oidc/token`,\n  {\n    method: 'POST',\n    headers: {\n      'Content-Type': 'application/x-www-form-urlencoded'\n    },\n    body: new URLSearchParams({\n      grant_type: 'client_credentials',\n      client_id: '[CLIENT_ID]',\n      client_secret: '[CLIENT_SECRET]'\n    })\n  }\n);\nconst { access_token } = await resp.json();\n","lang":"javascript"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["From your backend, invoke the Recommendation API by sending a request like the one below. The ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["[ACCESS_TOKEN]"]}," is the authorization token you obtained using your client credentials and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["[ACTION_TOKEN]"]}," is the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["actionToken"]}," received in Step 6."]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"javascript","header":{"controls":{"copy":{}}},"source":"const query = new URLSearchParams({\n  action_token: '[ACTION_TOKEN]',\n}).toString();\n\nconst resp = await fetch(\n  `https://api.transmitsecurity.io/risk/v1/recommendation?${query}`,\n  {\n    method: 'GET',\n    headers: {\n      Authorization: 'Bearer [ACCESS_TOKEN]',\n    },\n  }\n);\n","lang":"javascript"},"children":[]}]},"headings":[{"value":"Flutter plugin quick start","id":"flutter-plugin-quick-start","depth":1},{"value":"How it works","id":"how-it-works","depth":2},{"value":"Requirements","id":"requirements","depth":2},{"value":"Before you start","id":"before-you-start","depth":2},{"value":"Step 1: Get client credentials","id":"step-1-get-client-credentials","depth":2},{"value":"Step 2: Install the plugin","id":"step-2-install-the-plugin","depth":2},{"value":"Step 3: Configure the plugin","id":"step-3-configure-the-plugin","depth":2},{"value":"Add Maven repository","id":"add-maven-repository","depth":3},{"value":"Update build.gradle","id":"update-buildgradle","depth":3},{"value":"Update AndroidManifest.xml","id":"update-androidmanifestxml","depth":3},{"value":"Update strings.xml","id":"update-stringsxml","depth":3},{"value":"Create TransmitSecurity.plist","id":"create-transmitsecurityplist","depth":3},{"value":"Step 4: Initialize the plugin","id":"step-4-initialize-the-plugin","depth":2},{"value":"Step 5: Wire navigation observer","id":"step-5-wire-navigation-observer","depth":2},{"value":"Step 6: Use the Flutter plugin","id":"step-6-use-the-flutter-plugin","depth":2},{"value":"Step 7: Fetch recommendations","id":"step-7-fetch-recommendations","depth":2}],"frontmatter":{"markdown":{"toc":{"depth":2}},"seo":{"title":"Flutter plugin quick start"}},"lastModified":"2026-06-23T11:07:36.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/guides/risk/quick_start_flutter","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}