1. Introduction
When it comes to storage, the integration between Corbado Connect and your authentication system is straightforward and requires no changes to your existing database infrastructure.2. Architecture
All passkey data is stored within Corbado Connect, including:- Passkeys and WebAuthn credentials: Securely stored with enterprise-grade encryption
- User metadata: Minimal identifiers needed to link your users with their passkeys
- Authentication logs: Audit trails for passkey operations and user activities
Corbado Connect only stores the public key of the passkey. The private key is never stored and is never accessible to Corbado Connect.
3. Portability
Corbado Connect ensures you maintain full control over your data:- Export capabilities: Passkeys can be exported at any time, fully automated to any external system including yours
- Standard compliance: All data follows WebAuthn and FIDO2 standards for maximum portability
- Migration support: Complete data migration assistance available when needed
See our documentation on Passkey Export for more details including field descriptions and an example import implementation for the JavaScript/TypeScript SimpleWebAuthn library.
4. Security & Compliance
All storage meets the highest security standards:- ISO 27001 certified: Information security management system compliance
- SOC 2 Type II: Rigorous security, availability, and confidentiality controls
- Enterprise encryption: Data encrypted at rest and in transit
- Regular audits: Continuous security assessments and penetration testing
- No personal information: Corbado Connect does not durably store any personal data (such as names, emails, or phone numbers).
5. System Integration
Corbado Connect stores your user ID to seamlessly connect both systems during:- Passkey Enrollment: Links new passkeys to existing user accounts
- Passkey Login: Validates passkey ownership against the correct user
- Passkey Management: Ensures passkey operations are performed by authorized users