Introduction

To get passkeys smoothly implemented, you need to adapt the following settings in the Corbado developer panel (not in your code):
  1. Relying party ID
  2. Native app settings (only for native Android or iOS apps)
  3. Authorized origins (for production deployments)
  4. CNAME (for production deployments)
For each of these settings, we provide recommendations and examples in the URL Overview site.

1. Relying party ID

The relying party ID is a crucial setting when working with passkeys and ensures that the passkey can only be used on the intended domain. Please see also our Relying Party ID page to get more details or find recommendations and examples in the URL Overview page. The relying party ID an be defined in Settings > General > URLs. Relying Party ID

2. Native app settings

If you want to integrate Corbado with your native Android or iOS app, you have to register your native app here. Native app settings can be defined in Settings > Native apps. Native App Settings

3. Authorized origins

The authorized origin is the full URL (incl. protocol & port, no path) that the user sees in the browser and from where JavaScript calls to Corbado are made. Please see also our URL overview for authorized origins to get more details, examples and recommendations. Authorized origins can be defined Settings > General > Authorized origins. Authorized Origins Settings

4. CNAME

Define the CNAME DNS address (no protocol, port or path) that can be used instead of Corbado’s default Frontend API URL. The CNAME needs to point to <project ID>.frontendapi.cloud.corbado.io. Please see also our URL overview for CNAME to get more details, examples and recommendations. The CNAME can be defined here Setting > General > Domains CName Settings