This guide explains how to use the PasskeyManager
class to register a new passkey within your iOS application. We’ll cover the necessary configurations and provide code examples with detailed explanations.
apple-app-site-association
file that specifies the app identifiers allowed to access credentials. The file should be available at:
<your-app-prefix>
and <your-app-bundle-id>
with your actual App ID prefix and bundle identifier.
PasskeyManager
.
Import Required Modules
ViewController
or relevant class, import the necessary modules:Initialize PasskeyManager
PasskeyManager
, providing the Relying Party Identifier and the presentation anchor.Set Up User Interface
PasskeyManager
requires two parameters:rpId
: The relying party identifier, typically your domain. This must match the domain configured in the Associated Domains entitlement and the apple-app-site-association
file.presentationAnchor
: The window in which the authentication services will present UI, usually obtained from view.window
.Register for Notifications
Cleanup
Implement Notification Handlers
PasskeyRegistrationResult
to sign up a new user by creating a sub-organization using the TurnkeyClient
from the TurnkeySDK.
Initialize TurnkeyClient with Proxy
TurnkeyClient
with a proxy server URL using the ProxyMiddleware
. This configuration is essential for situations where the parent organization’s API keys are required to authenticate requests for creating a sub-organization. Your backend should relay the request to the Turnkey API, ensuring it is authenticated with the parent organization’s API keys.X-Turnkey-Request-Url
header to each request, which contains the original request URL. For more details, see the Proxy Middleware guide.Attestation Object
PasskeyRegistrationResult
.Define Parameters
passkeyRegistrationResult
we received in the previous step to create a passkey authenticator for this new sub-organization.Create Sub-Organization
TurnkeyClient
to create the sub-organization with the provided parameters.Handle the Response
createSubOrganization
call to retrieve information about the new sub-organization and root users.