This guide demonstrates how to add a new credential (specifically, a passkey) to an existing wallet using the Turnkey SDK.
rpId
: The Relying Party Identifier, which is the effective domain of your application.apiBaseUrl
: The base URL of the Turnkey API: https://api.turnkey.com
defaultOrganizationId
: Your parent organization ID, which you can find in the Turnkey dashboard.What's the purpose of the rpId?
rpId
is used in WebAuthn to uniquely identify the server that the passkey is associated with. The rpId
is typically the effective domain of the web application, which is the domain portion of the URL without any subdomains. For example, if your application is hosted at app.example.com
, the rpId
would typically be example.com
. This ensures that credentials are scoped to the correct domain and cannot be used by other domains, enhancing security.TurnkeyProvider
in your app/layout.tsx
file:app/add-passkey.tsx
where we’ll implement the passkey functionality:login
function which will prompt the user to authenticate with their passkey. Additionally, this function will set the current user in local storage upon successful authentication, which will be used later when creating an additional authenticator.
login
function. We’ll need the userId
to create the authenticator in the final step.
createUserPasskey
function to create a new user passkey credential. Calling this method will prompt the user to create a passkey, which will be securely stored by their browser. This credential will be associated with the user’s account and used for future authentication. Once the credential is created, we’ll use it in the next step to create a new authenticator for the user.
login
function.
Complete add-passkey.tsx component
passkeyClient.login()
with passkeyClient.loginWithReadwriteSession()
:
useTurnkey
hook which will be initialized with the read/write session. The rest of the code remains the same.