← Back to docs
Recipe

Passkeys onboarding UX

A frictionless WebAuthn enrollment flow that converts users in under 15 seconds.

The flow

1
Prompt
Modal after first login
2
Biometric
OS-native dialog
3
Confirmed
Key stored on device

When to ask

  • Immediately after email-verified sign-up
  • On first login from a new device
  • Inside Settings → Security (always available)
  • Never during checkout or critical flows

Edge cases

Cross-device: QR-code bridge via caBLE. Desktop prompts phone to scan.

Fallback: If platform authenticator unavailable, offer security key path.

Recovery: Always keep email magic-link as backup. Never lock user out.

This recipe pairs with server-side passkey verification. Full implementation uses the WebAuthn browser API with navigator.credentials.create().