Create a User Passkey Session

A passkey session is an expiring session enabled by an initial passkey authentication. You could think of this as a “lightning mode” of sorts: creating a passkey session allows users to authenticate subsequent requests touch-free. Under the hood, this is powered by our indexedDbStamper. These sessions are enabled by creating a short-lived embedded API key in the browser, stored in localStorage, and cryptographically scoped to a public key generated by IndexedDB.

By calling loginWithPasskey(), the SDK stores the session and active client in localStorage. The signing key material remains securely stored in the browser’s IndexedDB and is never extractable. Turnkey uses this public key to scope and encrypt the session to the appropriate user.

Steps using `@turnkey/sdk-react`

This process is made seamless by leveraging our React package. Read on for a non-React implementation below.

Initialize the React Provider

import { TurnkeyProvider } from "@turnkey/sdk-react";

const turnkeyConfig = {
  apiBaseUrl: "https://api.turnkey.com",
  defaultOrganizationId: process.env.TURNKEY_ORGANIZATION_ID,
  rpId: process.env.RPID,
};

...

<div className="App">
  <TurnkeyProvider config={turnkeyConfig}>
    {/* Your app components */}
  </TurnkeyProvider>
</div>

import { useTurnkey } from "@turnkey/sdk-react";

const { passkeyClient, indexedDbClient } = useTurnkey();

await indexedDbClient.init();
const publicKey = await indexedDbClient.getPublicKey();

await passkeyClient.loginWithPasskey({
  publicKey,
  sessionType: "SESSION_TYPE_READ_WRITE", // or "SESSION_TYPE_READ_ONLY"
  expirationSeconds: 900,
});

Use the session to make requests

const { getActiveClient } = useTurnkey();
const client = await getActiveClient();

const whoami = await client.getWhoami({
  organizationId: <your-org-id>,
});

getActiveClient() returns the currently active client (e.g. IndexedDb-backed), refreshing automatically if needed.

Alternative Steps (non-React)

Initialize the Passkey and IndexedDB Clients

import { Turnkey } from "@turnkey/sdk-browser";

const turnkey = new Turnkey({
  apiBaseUrl: "https://api.turnkey.com",
  defaultOrganizationId: process.env.TURNKEY_ORGANIZATION_ID,
});

const passkeyClient = turnkey.passkeyClient();
const indexedDbClient = turnkey.indexedDbClient();

await indexedDbClient.init();

const publicKey = await indexedDbClient.getPublicKey();

await passkeyClient.loginWithPasskey({
  publicKey,
  sessionType: "SESSION_TYPE_READ_WRITE", // or "SESSION_TYPE_READ_ONLY"
  expirationSeconds: 900,
});

Use the session to make requests

const whoami = await turnkey.getWhoami({
  organizationId: <your-org-id>,
});

Once loginWithPasskey completes, the session is stored in localStorage and all requests are signed using the IndexedDb-backed keypair.

Authenticate a User with a Passkey Credential Create a User with Email Only

Get started

Products

Crypto ecosystems

Developers

Create a User Passkey Session

Steps using `@turnkey/sdk-react`

Alternative Steps (non-React)

Get started

Products

Crypto ecosystems

Developers

​Steps using @turnkey/sdk-react

​Alternative Steps (non-React)

Steps using `@turnkey/sdk-react`

Alternative Steps (non-React)