Passkey Configuration
To provide a smooth passkey experience, various settings can be configured with Corbado.
Introduction
These settings directly impact the passkey experience during sign-up and login and define what screens the user is going to see.
The following settings can be adapted in the Developer Panel in the Settings>Use interface>Passkeys page:
- Passkey pop-up frequency: Frequency for prompting users without a passkey to add one
- Cross-Device Authentication Strategy: What strategy should be used for Cross-Device Authentication
1. Passkey pop-up frequency
If a passkey is not created during the sign-up process, the user can be offered the option to append a passkey after logging using a fallback method. This setting allows adjusting the frequency at which a user without a passkey is prompted to append one. The options range from every login to once every 3 months.
2. Cross-Device Authentication Strategy
Cross-Device Authentication (CDA) allows users to use a passkey from one device (CDA authenticator) for authentication on another device (CDA client), facilitating seamless access across diverse platforms.
While the two involved devices can come in a lot of different combinations, the most popular one is a desktop computer accessing a website and a smartphone holding the passkey, and processing the actual authentication.
Read our glossary entry and blog posts if you need more details and background information:
- Glossary entry: What is CDA (Cross-Device Authentication) in WebAuthn?
- Blog post: WebAuthn Passkey QR Codes & Bluetooth: Hybrid Transport
- Blog post: WebAuthn Cross-Device-Authentication: Passkeys via Mobile-First Strategy
The Cross-Device Authentication strategy setting defines how Corbado’s UI component behaves during sign-up and login:
| Strategy | Sign-up | Login |
|---|---|---|
| Minimize | CDA is not offered during sign-up | CDA cannot be used for login |
| Standard (default) | CDA is not offered during sign-up | CDA can be used for login (e.g. using a passkey created directly on your smartphone) |
| Maximize | CDA is the only shown option (e.g. via QR code & hardware security key) | CDA can be used for login (e.g. using a passkey created directly on your smartphone) |
Since the CDA strategy is an advanced setting, we recommend leaving it at the default setting (standard). If you need help or have questions, please do not hesitate to contact us.