> ## Documentation Index
> Fetch the complete documentation index at: https://docs.corbado.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Passkey Creation: After Login of Non-MFA Account

> This flow explains how users log in native apps when no passkey is set up for a non-MFA account. The process ensures secure access and encourages passwordless adoption by combining traditional login and passkey creation opportunities.

## Passkey Creation For Non-MFA User Accounts

Users logging into a native app follow a standard login flow for non-MFA users with passkey append experience.

<Tabs>
  <Tab title="iOS" />

  <Tab title="Android" />
</Tabs>

<Info>
  **Product-Native Steps:** The blue background indicates optional product-native steps (e.g., verification code, setup PIN, enabling biometrics). **PIN and local biometrics are optional features** for protecting app access within sessions after passkey authentication completes. Learn more about [how passkeys and local biometrics work together](https://www.corbado.com/blog/passkeys-local-biometrics) to provide both secure remote authentication (passkeys) and convenient app protection (local biometrics).
</Info>

<Steps>
  <Step title="Login when user has no passkeys">
    * User enters their identifier (email/username) on the login page.
  </Step>

  <Step title="Fallback to traditional login method">
    * If no passkey exists for the account, the system falls back to the traditional login method (username and password).
  </Step>

  <Step title="Passkey append process initiates">
    * Once the user is logged in via traditional method, they are offered an option to create a passkey for future logins.
  </Step>

  <Step title="Passkey append process continues">
    * User continues with the passkey creation process.

    **4.a. OS-native biometric prompt appears**

    * OS biometric prompt modal appears asking the user to authenticate using fingerprint, face, or PIN for secure sign-in.
    * User successfully authenticates via biometrics.

    **4.b. Passkey creation successful**

    * User successfully creates a passkey and it is now linked with the user account for the respective native app.

    **4.c. System prompts for user verification**

    * The user is prompted to verify their account via a code sent through email or SMS.

    **4.d. Successful second factor verification**

    * User successfully completes the second factor verification.

    **4.e. App PIN setup**

    * User is asked to set up PIN.

    **4.f. Enable local biometric for app login**

    * User is allowed to enable/disable local biometric app login (provided as product feature).
  </Step>

  <Step title="Skips the passkey append process">
    * User skips the passkey setup process and continues with the second factor verification.

    **5.a. System prompts for user verification**

    * The user is prompted to verify their account via a code sent through email or SMS.

    **5.b. Successful second factor verification**

    * User successfully completes the second factor verification.

    **5.c. App PIN setup**

    * User is asked to set up PIN.

    **5.d. Enable local biometric for app login**

    * User is allowed to enable/disable local biometric app login (provided as product feature).
  </Step>
</Steps>