Skip to content
AuthAction Documentation

Passkey Authentication

Passkey authentication uses device-bound credentials to provide passwordless sign-in. This guide explains how to enable and configure passkey authentication for signup and login in AuthAction.

Enabling Passkey Authentication

Section titled “Enabling Passkey Authentication”

To enable passkey authentication in AuthAction:

  1. Navigate to the Database Connection Settings

    • Go to the AuthAction Dashboard.
    • Open the Database Connection.
    • Locate the Enable Passkey option on the database connection settings page.

    AuthAction dashboard showing the Enable Passkey toggle in database connection settings

  2. Enable Passkey Authentication

    • Toggle the switch to enable passkey authentication for your database connection.
    • Save the changes.
    • Ensure the connection is enabled for your application.

Setting Up a Passkey During Signup

Section titled “Setting Up a Passkey During Signup”

When a new user signs up, they can set up a passkey as follows:

  1. Go to the Signup Page

    • Navigate to the Application signup page.
    • Fill in the required user details (such as email and name).

    AuthAction signup page with email and name input fields

  2. Setup a Passkey

    • When prompted, choose the option to Set up a Passkey.
    • A pop-up will appear asking for biometric authentication or a security key confirmation.

    Browser prompt to create a passkey during the signup flow

    • Complete the device authentication process.

  3. Complete Signup

    • Once the passkey is registered successfully, the user is signed up.
    • They can now use passkey authentication for future logins.

Logging in With a Passkey

Section titled “Logging in With a Passkey”

To log in using a passkey:

  1. Go to the Login Page

    • Open the Application login page.
    • Click on Login with Passkey.

    AuthAction login page with the Login with Passkey option

  2. Authenticate Using a Passkey

    • A pop-up will appear asking for biometric verification or security key authentication.

    Browser dialog showing available passkeys for authentication

    • Authenticate using the registered passkey.

    Biometric verification prompt during passkey login

  3. Access Granted

    • Upon successful authentication, the user is logged in without entering a password.

Security Considerations

Section titled “Security Considerations”
  • Passkeys are device-bound, meaning they are stored securely on the user’s device and cannot be phished.
  • Users should register passkeys on multiple trusted devices to avoid lockout issues.
  • Fallback authentication (such as email-password-based login) should be possible in case the user loses access to their passkey.

Managing Passkeys

Section titled “Managing Passkeys”

Administrators can manage user passkeys from the User Details page:

  1. Open the AuthAction Dashboard and go to Users.
  2. Select a user to open their User Details page.
  3. View all registered passkeys in the Passkeys section.
  4. Remove a passkey by clicking Remove next to the credential.

AuthAction dashboard showing registered passkeys in the User Details page

Summary

Section titled “Summary”

Passkey authentication eliminates passwords while providing phishing-resistant security. Enable it in the database connection settings and manage credentials through the User Details page.