Local multi-device testing with ngrok

Use ngrok to develop and test with multiple devices locally on your machine


ngrok makes local web applications reachable over the internet with a single command. The following steps show the setup and usage of ngrok for testing your Corbado setup locally with multiple devices.
This guide assumes that you've setup your account in the Corbado developer panel. If you haven't done so, please check Getting started.
Testing your local setup with ngrok allows Corbado to communicate with your local system, e.g. to access the application from different devices. In production or staging mode, system are often accessible over the internet anyways but for local developing and testing ngrok saves a ton of work.

1. ngrok setup

  1. 1.
    Sign up for a free ngrok account at and follow the instructions.
  2. 3.
    Go to the "Your Authtoken" section in the ngrok dashboard. There copy your token and add it to your ngrok installation by executing:
ngrok config add-authtoken <your-authtoken>

2. Run your application

For this guide, we assume you are using a Node.js app. If you are using a different framework / programming language, just change the run commands to start your (backend) application.

2.1 Install the dependencies and run the (backend) application

// Node.js example
npm install
npm run start

2.2 Launch ngrok to connect it to your application

The ngrok http <port> command starts the ngrok tunnel on the specified port. Our application runs on port 8080, so we'll execute
ngrok http 8080
The terminal will display something like the following:
Copy the ngrok URL in the red box which is needed for the Corbado developer panel.
Please open the ngrok URL in the browser before proceeding and confirm the usage.
Please use the ngrok URL as testing URL (instead of localhost) in your browser!

3. Set the ngrok URL in the Corbado developer panel

Note that this step is only required if you project is in environment PROD. If you are in environment DEV you can skip this.
Add a new authorized origin with the ngrok URL and add localhost, including protocol (http) and port in "Settings" - "General" - "Authorized origins":
Authorized origins for localhost and ngrok

4. Update your Relying Party ID

As passkeys / WebAuthn are phishing-resistant and passkeys are bound to a domain during creation (Relying Party ID), you need to make sure that the browser URL is the same domain or a subdomain of the Relying Party ID. Thus, you need to update the Relying Party ID for ngrok as well:
Note that all passkeys created for the existing Relying Party ID (e.g. "localhost") are not working anymore, as well as creating passkeys from the old domain doesn't work anymore as well.