How to securely integrate the Passkey UI using iframes and browser sessions.
Initiate Passkey Session
create
or auth
), and receive a hosted UI URL.Embed Hosted UI
iframe
with the correct WebAuthn permissions.Handle Authentication Result
authz_complete
containing a sessionToken
and the onchain passkey address. On error, a message of type authz_error
will be sent with an error description. You can also extract these values from the redirect URL if using a full-page redirect.Initiate Passkey Session
Open Hosted UI in Browser
WebBrowser.openAuthSessionAsync
.Process Redirect Result
userPresent
must be true
in the WebAuthn authenticator response-7
) is supportedaction: "create"
and submit againauth.yourcompany.com
) for branding or compliance requirements, see Custom Domain.