Unified User Profile Implementation for Mini-Programs in Super App
A Super App is a container application in which independent mini-programs run: marketplace, taxi, delivery, finance, government services. Key principle: the user logs in once, and every mini-program receives the profile without re-authenticating. The architecture of this mechanism determines the platform's security and UX.
Unified Profile Architecture
The Super App stores the master user profile: ID, name, avatar, verified email and phone, payment methods, addresses, KYC status. Mini-programs receive only the fields they requested (principle of least privilege).
Data transmission mechanism: on mini-program launch, the Super App passes a short-lived token (not the master JWT) with a limited scope. The mini-program uses this token to call its backend, which validates it against the Super App Auth Service and receives only the user ID and the scopes actually granted.
Super App ──launch(miniProgramToken)──► Mini Program
Mini Program ──validateToken──► Super App Auth API
Super App Auth API ──{userId, allowedScopes}──► Mini Program Backend
Profile Transmission Implementation
On Flutter, mini-programs can be implemented as Flutter modules loaded dynamically. The Super App passes the profile via a Platform Channel:
// Super App — sending profile to mini-program
import 'package:flutter/services.dart';

class MiniProgramHost {
  MiniProgramHost(this.authService);

  // The Super App's own auth service, which mints short-lived scoped tokens.
  final AuthService authService;

  static const _channel = MethodChannel('super_app/mini_program_bridge');

  Future<void> launchMiniProgram(String miniProgramId) async {
    // Short-lived token limited to the scopes this mini-program was granted;
    // the master JWT never leaves the Super App.
    final token = await authService.generateMiniProgramToken(
      miniProgramId: miniProgramId,
      scopes: ['profile.basic', 'phone.verified'],
      expiresIn: Duration(minutes: 30),
    );
    await _channel.invokeMethod('launch', {
      'miniProgramId': miniProgramId,
      'token': token,
      'theme': ThemeManager.current.toJson(),
    });
  }
}
For React Native mini-programs the same handoff goes through a Native Module. For WebView-based mini-programs (like WeChat mini-programs) it goes through postMessage, and the receiving side must check the message origin before trusting the token.
Scope and User Consent
The user must know what data each mini-program gets. On the first launch of a mini-program, the Super App shows a consent screen: "App X requests access to your name, phone number, and order history. Allow?"
Consent is stored in the Super App profile and is not requested again. The user can revoke a permission in profile settings; on the next open the mini-program then receives a token without the revoked scope, and its backend must handle that reduced access rather than fail.
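The token exchange described above (short-lived scoped token, validation returning {userId, allowedScopes}, and a backend that copes with a revoked scope) as an added Python example; it is not code from the original page and assumes a constructed HMAC-signed token format, a constructed shared secret, and a constructed master profile in place of the real Auth Service.

```python
import base64, hashlib, hmac, json, time

# Constructed demo secret shared between the Super App Auth Service and this validator.
SECRET = b"constructed-demo-secret"
# Constructed master profile held by the Super App (real one lives in the Auth Service).
MASTER_PROFILE = {"u-42": {"name": "Alice", "phone": "+10000000000", "phoneVerified": True}}

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def generate_mini_program_token(user_id, mini_program_id, scopes, expires_in=1800, now=None):
    """Super App Auth Service: mint a short-lived token bound to one mini-program and its scopes."""
    now = int(time.time()) if now is None else now
    claims = {"sub": user_id, "aud": mini_program_id, "scopes": sorted(scopes), "exp": now + expires_in}
    body = _b64(json.dumps(claims, separators=(",", ":")).encode())
    sig = _b64(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"

def validate_token(token, mini_program_id, now=None):
    """Super App Auth API: return {userId, allowedScopes}, or None for any invalid token."""
    parts = token.split(".")
    if len(parts) != 2:
        return None
    body, sig = parts
    expected = _b64(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):  # constant-time signature check
        return None
    claims = json.loads(_unb64(body))
    now = int(time.time()) if now is None else now
    if claims["aud"] != mini_program_id or now >= claims["exp"]:  # wrong mini-program or expired
        return None
    return {"userId": claims["sub"], "allowedScopes": claims["scopes"]}

def profile_for_mini_program(token, mini_program_id, now=None):
    """Mini-program backend: release only the fields the token's scopes allow."""
    result = validate_token(token, mini_program_id, now)
    if result is None:
        return {"error": "unauthorized"}  # expired, forged or foreign token: user must relaunch
    master = MASTER_PROFILE[result["userId"]]
    profile = {"userId": result["userId"]}
    if "profile.basic" in result["allowedScopes"]:
        profile["name"] = master["name"]
    if "phone.verified" in result["allowedScopes"] and master["phoneVerified"]:
        profile["phone"] = master["phone"]
    return profile  # after consent for the phone is revoked, "phone" is simply absent
```

With the phone scope revoked the backend still answers with the basic profile instead of an error, which is the "handle limited access" behaviour the consent section requires.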
Session Management
If the user logs out of the Super App (or the session expires), all mini-programs must learn of it immediately. Mechanism: the Super App broadcasts a session_expired event over the Platform Channel to every active mini-program. Each mini-program must handle the event and block further actions until re-authorization.
Unified profile + secure token transmission mechanism + consent screens + session event handling: 3–5 weeks. Cost is estimated individually depending on the number of mini-programs and platforms.