Email recovery shines if you are leveraging sub-organizations to create embedded wallets for your users. This allows your users to recover their Turnkey account if something goes wrong with their passkeys, and keeps you out of the loop: we engineered this feature to ensure your organization is unable to take over sub-organizations even if it wanted to.
recovery.turnkey.com
meant to be embedded as an iframe element (see the code here). This ensures the recovery credentials are encrypted to keys that your organization doesn’t have access to (because they live in the iframe, on a separate domain)@turnkey/iframe-stamper
yoursite.xyz
clicks “recovery”, and a new recovery UI is shown. We recommend this recovery UI be a new hosted page of your site or application, which contains language explaining to the user what steps they will need to take next to complete recovery. While the UI is in a loading state your frontend uses @turnkey/iframe-stamper
to insert a new iframe element:INIT_USER_EMAIL_RECOVERY
activity with the user email and the iframe public key in the parameters. Note: you’ll need to retrieve the sub-organization ID based on the user email.@turnkey/iframe-stamper
to sign a new RECOVER_USER
activity:RECOVER_USER
activity is successfully posted, the recovery is complete! If this activity succeeds, your frontend can redirect to login/sign-in or perform crypto signing with the new passkey.