UseThatApp Logo

    UseThatApp Documentation

    Add "Sign in with UseThatApp" and live licensing to your web application over standard OpenID Connect. UseThatApp is an OpenID Provider: users sign in with their UseThatApp account, and your app reads their live plan from the entitlement API — so you can ship free, Pro, and Enterprise experiences from a single codebase.

    How It Works

    One OpenID Connect login (OAuth 2.0 authorization code + PKCE) gives you two things at once — identity and the live plan:

    1. Sign in. Your app sends the user to UseThatApp with begin_login / beginLogin. They authenticate, then UseThatApp redirects back to your registered callback with a one-time code, which you exchange for tokens via complete_login / completeLogin. You get a stable, per-app, privacy-preserving sub (no PII).
    2. Read the plan. Whenever you need to gate features, call get_entitlement / getEntitlement with the access token. It's always authoritative — a canceled license stops being entitled immediately.

    The usethatapp SDK is a confidential, server-side client — it holds your client secret and validates ID tokens, so it never runs in the browser. See Sign in with UseThatApp for the full integration.

    Quick Example

    Sign the user in, then read their live entitlement whenever you need it:

    Python

    app.py
    from usethatapp import begin_login, complete_login, get_entitlement
    
    # In /login — send the user to UseThatApp:
    auth_url, flow_state = begin_login()
    session["uta_flow"] = flow_state
    return redirect(auth_url)
    
    # In /callback — exchange the code for tokens:
    s = complete_login(
        code=request.args["code"],
        state=request.args["state"],
        flow_state=session.pop("uta_flow"),
    )
    session["uta_access_token"] = s.access_token
    
    # Anywhere you gate features:
    ent = get_entitlement(session["uta_access_token"])
    if ent.entitled and ent.product_id == "<your-pro-product-id>":
        ...  # serve paid content

    JavaScript

    server.mjs
    import { beginLogin, completeLogin, getEntitlement } from "usethatapp";
    
    // In /login — send the user to UseThatApp:
    const { authorizationUrl, flowState } = await beginLogin();
    req.session.utaFlow = flowState;
    res.redirect(authorizationUrl);
    
    // In /callback — exchange the code for tokens:
    const s = await completeLogin({
      code: req.query.code,
      state: req.query.state,
      flowState: req.session.utaFlow,
    });
    req.session.utaAccessToken = s.access_token;
    
    // Anywhere you gate features:
    const ent = await getEntitlement(req.session.utaAccessToken);
    if (ent.entitled && ent.product_id === "<your-pro-product-id>") {
      // serve paid content
    }

    Why UseThatApp?

    One Login, Two Capabilities

    A single OpenID Connect sign-in gives you both identity (a per-app sub) and the live plan via the entitlement API.

    Standards-Based & Private

    Plain OAuth 2.0 / OpenID Connect with PKCE. Identity is a pairwise pseudonymous sub — no email, no PII shared.

    Any Framework

    Framework-agnostic SDK with tested examples for Flask, Django, FastAPI, Express, Next.js, and more.

    Supported Frameworks

    Choose your language to see the full list of framework guides, or jump straight to the Quick Start.