Skip to main content

Passkey Creation after Login Error (Autohealing)

When users experience errors during passkey login, the system intelligently falls back to traditional authentication and then offers to create a new passkey to replace the broken one. This autohealing mechanism ensures users can quickly recover access.

Common Scenarios Leading to Passkey Login Errors

Passkey login errors can occur in several situations:
  • Locally deleted passkeys: The user has deleted their passkey from their device or password manager
  • Different cloud account: The user is logged into a similar device they’ve used before, but it’s now connected to a different iCloud account (or different Google account on Android)
  • Logged-out password manager: The user has signed out of their password manager that stored the passkey

How Passkey Intelligence Enables Auto-Healing

Passkey Intelligence monitors the authentication flow and detects when passkey login fails repeatedly. After the user successfully authenticates via traditional methods, it automatically suggests creating a new passkey to heal the broken authentication state. This smart system helps identify underlying account or device synchronization issues while ensuring users can quickly recover access.
This autohealing mechanism is part of a broader passkey fallback and recovery strategy. Learn more about designing resilient authentication systems that handle passkey errors gracefully while maintaining security.
  • iOS
  • Android
append-after-error-ios-native.png

Native: iOS passkey append after error

NOTE: The blue background indicates product-native steps (e.g., verification code, setup PIN, enabling biometrics). Passkey creation is seamlessly embedded in your product journey.
1

User enters identifier

  • User enters their identifier (email/username) on the login page.
  • System now knows which user account is attempting to log in.
2

Passkey Intelligence detects existing passkey

  • Passkey Intelligence analyzes the user’s passkey availability.
  • It detects the user has a passkey registered and automatically initiates passkey login.
3

Passkey login errors occur

  • User encounters one or more passkey login errors.
  • Common causes: deleted passkey, different cloud account, logged-out password manager.
  • System recognizes repeated login failures.
4

Fallback to traditional login method

  • After multiple failed passkey login attempts, system falls back to traditional login method (username + password).
  • User successfully logs in using their password.
5

Autohealing: Passkey append initiates

  • Passkey Intelligence detects the broken passkey situation and triggers autohealing.
  • User is offered an option to create a new passkey to replace the broken one.
6

OS-native biometric modal appears

  • User continues to set up a new passkey using fingerprint, face, or PIN for secure sign-in.
7

Passkey creation successful (healing complete)

  • User successfully creates a new passkey, replacing the broken one.
  • The account is now healed with a working passkey.
8

App PIN setup

  • After successful passkey creation, the user is signed in and is asked to set up PIN.
9

Enable local biometric for app login

  • User is allowed to enable/disable local biometric app login (provided as product feature).
I