A new version of IC-Auth has been released, offering developers a streamlined way to plug in popular Internet Computer wallets like Plug, Stoic, Internet Identity, and NFID into their applications. With version 1.1.0 now available, IC-Auth keeps things lightweight, modular, and straightforward for anyone building on DFINITY’s Internet Computer platform.
Rather than trying to be a full authentication solution bundled with UI decisions and rigid dependencies, IC-Auth hands control to developers. It focuses on providing the essential building blocks – type-safe login functions and clean TypeScript tools that connect with the most commonly used IC wallets. The goal is to let builders focus on their canister logic and app interface, without spending days working through login flows and agent setups.
The version bump to 1.x brings a number of changes. It drops legacy features and moves towards a cleaner architecture. One of the more visible shifts is that it no longer includes any built-in frontend or visual elements. That’s intentional. IC-Auth is meant to be framework-agnostic, so developers can bring their own interface and styling, whether they’re working with React, Svelte, or anything else.
On the technical side, the package now uses DFINITY’s updated agent APIs. It’s moved away from the older HttpAgent and instead uses Agent throughout, which matches the latest standards across IC tooling. Dependency libraries have been refreshed to current stable versions, and several leftover elements from earlier iterations have been removed – including the ‘hello canister’ and other sample assets that were previously embedded.
Installation remains straightforward via npm install ic-auth, and once installed, developers can import only what they need. That includes login methods for Plug, Stoic, NFID, and Internet Identity, along with a CreateActor helper and a shared UserObject type that gives a consistent structure to login results.
Each wallet option comes with its own nuances. Plug requires a whitelist of canister IDs and a host address, while Stoic has a cookie-related issue affecting logins in some browsers. NFID currently supports anonymous sessions only – meaning it works for most read interactions but not for payments or sessions that need delegation. These limitations are acknowledged, with plans for expansion flagged.
The core of the process starts with writing a simple async login function. Developers can handle user login, extract the UserObject, and then use it to display a principal, manage wallet-specific code, or trigger interactions with backend canisters. The CreateActor function makes that process faster by generating canister actors directly from the user’s agent and IDL file.
The updated package also makes it easier to work in local development environments. By setting the host parameter to point at a local DFX instance, developers can run and test their full login experience during development without needing to publish or host anything externally.
Beyond individual wallet logins, the package also supports multi-provider integration. That means developers can build a UI that lets users choose between Plug, Stoic, NFID, or Internet Identity, depending on what they’re most comfortable with. A code example walks through how to build such a menu, and it’s structured in a way that’s easy to expand upon – whether it’s for error handling, UI improvements, or additional login logic.
At its core, IC-Auth is not trying to reinvent the authentication process. It simply provides the right tools, lets developers stay in control of the user experience, and removes a lot of the friction from managing IC wallet logins. There’s no branding lock-in or UI overhead, and the functions provided are aimed at helping developers move faster without cutting corners on structure or compatibility.
For those working in the IC ecosystem – especially those focused on frontend-heavy apps where wallet login is a necessary but often clunky step – this package may offer a way to clean things up without needing to reinvent authentication from scratch. While not perfect, and with a few known bugs still on the radar for some wallets, it marks a move toward a more modular, developer-friendly toolkit.
With the wider IC community continuing to build dapps that need secure identity and wallet access, projects like IC-Auth are likely to remain in the spotlight for their ability to simplify those first steps. As authentication standards across IC mature and new wallet features come online, packages like IC-Auth may well evolve alongside them, keeping their focus on clarity, usability, and developer control.
Community Discussion