Skip to main content

Passkey Authentication in AuthAction

Passkey authentication is a passwordless authentication mechanism that leverages device-based credentials for a more secure and user-friendly experience. This guide covers how to enable and use passkey authentication for signup and login in AuthAction.

Enabling Passkey Authentication

To enable passkey authentication in AuthAction:

  1. Navigate to the Database Connection Settings

    • Go to the AuthAction Dashboard.
    • Open the Database Connection.
    • Locate the Enable Passkey in database connection settings page.

    Enable Passkey Authentication

  2. Enable Passkey Authentication

    • Toggle the switch to enable passkey authentication for your database connection.
    • Save the changes.
    • Make sure that connection enabled in applications.

Setting Up a Passkey During Signup

When a new user signs up, they can set up a passkey as follows:

  1. Go to the Signup Page

    • Navigate to the Application signup page.
    • Fill in the required user details (such as email and name).

    Signup Page

  2. Setup a Passkey

    • When prompted, choose the option to Set up a Passkey.
    • A pop-up will appear asking for biometric authentication or a security key confirmation.

    Passkey Setup During Signup

    • Complete the device authentication process.

  3. Complete Signup

    • Once the passkey is registered successfully, the user is signed up.
    • They can now use passkey authentication for future logins.

Logging in With a Passkey

To log in using a passkey:

  1. Go to the Login Page

    • Open the Application login page.
    • Click on Login with Passkey.

    Login Page

  2. Authenticate Using a Passkey

    • A pop-up will appear asking for biometric verification or security key authentication.

    Passkey Selection

    • Authenticate using the registered passkey.

    Login with Passkey

  3. Access Granted

    • Upon successful authentication, the user is logged in without entering a password.

Security Considerations

  • Passkeys are device-bound, meaning they are stored securely on the user's device and cannot be phished.
  • Users should register passkeys on multiple trusted devices to avoid lockout issues.
  • Fallback authentication (such as email-password-based login) should be possible in case the user loses access to their passkey.

Managing Passkeys

Admin can manage their users passkeys from the User Details page:

  • Go to the AuthAction Dashboard.
  • Open the Users tab.
  • Go to User Details page of that specific user.
  • Passkeys: See a list of all registered passkeys.
  • Remove a Passkey: Delete a registered passkey if no longer needed.

User Passkeys

Conclusion

Passkey authentication in AuthAction enhances security by eliminating the need for passwords while providing a seamless login experience. Enabling passkey authentication is simple, and admin can manage their users passkeys effortlessly through the dashboard.