Customer Authentication for Mobile App Using InfusionSoft OAuth2 Integration

We are currently developing a mobile app in Flutter and are attempting to require customer logins for authentication via InfusionSoft’s OAuth2. I’ve read through the IS OAuth2 docs and watched John B’s “Using OAuth2 and Infusionsoft API/REST“ video and am still having an incredibly challenging time trying to figure out the flow of the process. I understand that the users must allow access to the app and if they are not logged in then they’ll have to log in and then explicitly click the “allow” button to grant access. Is this done by the user being redirected and logging in at It appears so, but all of the contact/member test accounts I’m using are unable to log in here. I’m unsure if contact/member accounts should be able to log in here or if there is another location to direct them to like our InfusionSoft app URL.

We’ve implemented the OAuth2 package in Flutter, coded the authentication with the clientID, clientSecret, scope, tokenEndpoint, authorizationEndpoint, and redirectUrl according to the Keap docs. The app does access the authorizationEndpoint of via the Flutter http package with no errors and does prompt for a login. Without the proper request format I get errors in the UI, so I’m assuming the Flutter OAuth2 package is formatting everything correctly.

None of our customers log into InfusionSoft directly. They only ever access CustomerHub. This is a source of confusion as well. The folks at CustomerHub informed us that do not currently have a public API and that all authentication will need to be done against InfusionSoft as the member/contact information is stored there.

Could someone confirm for me that my InfusionSoft contacts/members should be able to log in via ‘’ to allow access to the mobile app? If so, I can start looking at reasons that my test users aren’t able to log in. If there is any other details you think I’m missing please inform me. I feel like we’re super close.

Thanks in advance,