Passkey Creation For MFA User Accounts
Users logging into a native app follow a standard login flow for MFA users with passkey append experience.- iOS
- Android
Native: iOS passkey append, MFA accounts
Product-Native Steps: The blue background indicates optional product-native steps (e.g., verification code, setup PIN, enabling biometrics). PIN and local biometrics are optional features for protecting app access within sessions after passkey authentication completes. Learn more about how passkeys and local biometrics work together to provide both secure remote authentication (passkeys) and convenient app protection (local biometrics).
1
Login when user has no passkeys and has activated MFA
- User enters their identifier (email/username) on the login page.
2
Fallback to traditional login method
- If no passkey exists for the account, the system falls back to the traditional login method (username and password).
3
System prompts for user verification
- After successful password authentication, the user is prompted to verify their account via a code sent through email or SMS.
4
Passkey append process initiates
- Once the system verifies user identity, the user is offered an option to create a passkey for future logins.
5
OS-native biometric modal appears
- User chooses and continues to set up a passkey using fingerprint, face, or PIN for secure sign-in.
6
Passkey creation successful
- User successfully creates a passkey and it is now linked with the user account for the respective native app.
7
App PIN setup
- After successful passkey creation, the user is signed in and is asked to set up PIN.
8
Enable local biometric for app login
- User is allowed to enable/disable local biometric app login (provided as product feature).