Register passkey
Create passkeys for new users.
Prerequisites
Complete the steps in Quickstart to create a Passage app and install the necessary SDKs.
Guide
Start the authentication flow
Provide a button or link for users to begin registering passkeys.
Use the canRegisterPasskey()
helper from Passkey Flex JavaScript SDK to conditionally render the button. This makes sure the passkey flow is only available to users who have the ability to register passkeys.
import { canRegisterPasskey } from 'passage-flex-js';
canRegisterPasskey() && <a onClick={handleCreatePasskeyClick}> Create passkey </a>;
Get transaction ID
Get a transaction ID from the Passkey Flex Backend for each user. Learn more about transactions.
Create the user in your database, then call Passkey Flex with the user's external identifier. You must create a unique external ID to associate with the user in your database and the Passage database.
app.post('/passkey/register', async (req: Request, res: Response) => {
const user = await User.create({
email: req.body.email,
passageExternalId: "UUID-string" // Save a unique passage identifier to each user.
});
const transactionID = await passage.createRegisterTransaction({
externalId: user.passageExternalId, // Same passage identifier saved to your DB
passkeyDisplayName: user.email,
});
});
Learn more about the Node.js Flex SDK
Register passkey
Initialize a Passkey Flex instance using your app ID found in the Passage console.
Register the user using the transaction ID you retrieved in step 2.
import { PassageFlex } from '@passageidentity/passage-flex-js';
const passage = new PassageFlex(appID);
function async onCreatePasskeyClick() {
// Make a request to the server
const transactionID = // Result of request to example '/passkey/register' endpoint
// Register the new passkey to the user
const nonce = await passage.passkey.register(transactionID);
}
Learn more about the JavaScript Flex SDK
Passkey Flex triggers the WebAuthn (opens in a new tab) flow and the passkey is created on the user's device.
Validate the user
The Passkey Flex JavaScript library returns a nonce to your frontend. You can use the nonce to verify that Passage has registered the user successfully. Learn more about nonces.
Once verified you can then safely generate a token compatible with your system.
const externalId = await passage.verifyNonce(nonce);
Learn more about the Node.js Flex SDK