Go live
To deploy your project to production some changes need to be made in order ensure stricter security.
If you've successfully developed and tested your product locally or on a staging server, some changes need to made (some cannot be reversed for a Corbado project).
Set a final Relying Party ID here, where passkeys are bound to. Note that all passkeys you created and used during development and testing will not work anymore once this value is changed. That's also why a later change in production is not possible anymore (as it would invalidate all existing, working passkeys in production).
dig cname <CNAME>
The result should be:
<CNAME>: 43200 IN CNAME <project ID>.frontendapi.corbado.io
It can take up to 5 minutes until Corbado has registered your CNAME.
If you use one of our Backend SDKs, you need to update the Frontend API URL to be the same like the defined CNAME (otherwise you could get a JWT validation error because the
iss
JWT claim would not match anymore). See details here:Update Redirect URL and Application URL here and Webhooks URL here. These values can be changed later.
Create a new API secret here that is only valid for production in order to prevent the leakage of a development's API secret.