Generating Passkeys

Firstly massive thank you to the Passkeys team at Apple for opening up the APIs to allow third-party password manager apps to save and autofill Passkeys in iOS 17! I wasn't expecting this so soon. Incredible work.

I have successfully implemented the new methods on ASCredentialProviderViewController, up to the point where our app's extension is now being presented when a user is prompted to "Create a passkey?". However two things are not entirely clear to me from this point on:

  1. When the user chooses our app to create a password by tapping "Continue", the prepareInterfaceToProvideCredential(for credentialRequest: ASCredentialRequest) method is called. Should I be handling passkey creation within this method? Really at this point I was expecting prepareInterface(forPasskeyRegistration: to be called instead.

  2. Are new passkeys automatically generated and returned by AuthenticationServices during this flow, or is it down to the developer to generate a new passkey here? I ask because the documentation for prepareInterface(forPasskeyRegistration: seems to imply the former, stating: "This method will present your extension's UI for user authentication before creating the passkey."

Thanks again.

Post not yet marked as solved Up vote post of codecomet Down vote post of codecomet
1.4k views
Posted by
codecomet
Reply
Add a Comment

Replies

Glad to hear you're excited!

  1. We've received Feedback that there's an issue in the current beta with registration specifically in Simulator for iOS. If you're seeing this anywhere else, please file Feedback with a screen recording and sysdiagnose 🙂.

  2. It is up to the developer to generate the passkey. If you choose to show UI in this method, it might be some kind of additional confirmation your user should perform, or an unlock step, or a selection screen for where to store the passkey within your app; to list some examples. You can then use the request object to read all of the options for the request and generate the passkey however makes sense for your app.

Posted by
garrett-davidson
Post not yet marked as solved Up vote reply of garrett-davidson Down vote reply of garrett-davidson

  • Thank you for the clarification too!!

    About the 2. comment: Could you share some documentation to help us on how to correctly generate the passkey? It seems is not so simple to do that! 😬

    daviorze

  • This is mostly up to you. You need to decide the set of cryptographic signing algorithms that you will support and find a crypto library that supports those algorithms (for reference, passkeys in iCloud Keychain only support ES256). You also need to somehow store the additional metadata needed to display the passkey in UI and perform assertions, but how you do that is up to your app. As long as you find a library to do the cryptography for you, the rest of the implementation is pretty open.

    garrett-davidson
Add a Comment

Ah, OK that makes sense as I've been using the simulator solely.

If any other issues pop up I'll be sure to add them to Feedback Assistant.

Thanks for your help!

Posted by
codecomet
Up vote reply of codecomet Down vote reply of codecomet
Add a Comment

Hi, Is there any documentation how to integrate Passkey in password manager app for autofill?

Posted by
Maria-Elyware
Up vote reply of Maria-Elyware Down vote reply of Maria-Elyware
Add a Comment