Passkey and Safari

Safari doesn't decide whether to create a passkey or sign in with one; that's up to the website. If a site calls credentials.create you'll see a passkey creation sheet, and if the site calls credentials.get you'll see a passkey sign in sheet.

Some sites with older WebAuthn implementations may use cookies to "remember" whether you've used a WebAuthn credential (such as a passkey) on the current device, and will use that to decide whether to create a new credential or sign in with an existing one. This behavior was reasonable before passkeys were available, but is not a good approach with passkeys due to the confusing behavior you've described.

@garrett-davidson I understand your point, but what if service doesn't know if a passkey was created passkey before. Firstly I call credentials.create and in the 'excludeCredentials' param I put the 'id' of the key which was created . I understand that I should then get an 'InvalidStateError' indicating that this credential already exists and I can redirect to credentials.get. It is working when I don't clear the cache. But when I clear the cache of safari I didn't get this error and redirection to credentials.get function. It force me to create new one. Then I have two passkeys on my apple device.