Learn how to integrate passkey authentication into your web application using the Corbado Web UI Components. This guide covers setup, passkey enrollment, login, and management.
appendTokenProvider
to request a connect token from your backend.
For detailed instructions on how to implement the required endpoint in your backend, please refer to our Backend Setup guide.
post-append
action is triggered after successful passkey creation. Here’s an example of how you might implement this action:
post-login
action to create and return an access token. This approach minimizes the integration effort while maintaining security.
Here’s how the flow typically works:
The implementation involves creating a post-login
action:
onComplete
callback will be provided in the subsequent sections.
onComplete
callback needs to send the signedPasskeyData to your verification endpoint and redirect to the profile page:
result
object, simplifying the frontend logic:
connectTokenProvider
function is the bridge to your backend. It’s responsible for fetching a connect token from your backend for the specific action (passkey-list
, passkey-append
, or passkey-delete
) the user wants to perform. The implementation of this endpoint is described in our Backend Setup guide.
When a user opens the page, the component will call connectTokenProvider('passkey-list')
to get a token to display the existing passkeys. If they try to delete a passkey, it will call connectTokenProvider('passkey-delete')
, and so on. This ensures every action is explicitly authorized by your backend for the currently authenticated user.