This is an Expo module to help you create and authenticate with passkeys on iOS, Android & web with the same api. The library aims to stay close to the standard navigator.credentials
. More specifically, we provide an api for get
& create
functions (since these are the functions available cross-platform).
The adaptations we make are simple niceties like providing automatic conversion of base64-url encoded strings to buffer. This is also done to make it easier to pass the values to the native side.
Further niceties include some flag functions that indicate support for certain features.
npx expo install react-native-passkeys
For Passkeys to work on iOS, you'll need to host an AASA file on your domain. This file is used to verify that your app is allowed to handle the domain you are trying to authenticate with. This must be hosted on a site with a valid SSL certificate.
The file should be hosted at:
https://<your_domain>/.well-known/apple-app-site-association
Note there is no .json
extension for this file but the format is json. The contents of the file should look something like this:
{
"webcredentials": {
"apps": ["<teamID>.<bundleID>"]
}
}
Replace <teamID>
with your Apple Team ID and <bundleID>
with your app's bundle identifier.
Add the following to your app.json
:
{
"expo": {
"ios": {
"associatedDomains": ["webcredentials:<your_domain>"]
}
}
}
Replace <your_domain>
with the domain you are hosting the AASA file on. For example, if you are hosting the AASA file on https://example.com/.well-known/apple-app-site-association
, you would add example.com
to the associatedDomains
array.
Add the following to your app.json
:
{
"expo": {
"plugins": [
[
"expo-build-properties",
{
"ios": {
"deploymentTarget": "15.0"
}
}
]
]
}
}
npx expo prebuild -p ios
npx expo run:ios # or build in the cloud with EAS
For Passkeys to work on Android, you'll need to host an assetlinks.json
file on your domain. This file is used to verify that your app is allowed to handle the domain you are trying to authenticate with. This must be hosted on a site with a valid SSL certificate.
The file should be hosted at:
https://<your_domain>/.well-known/assetlinks.json
and should look something like this (you can generate this file using the Android Asset Links Assistant):
[
{
"relation": ["delegate_permission/common.handle_all_urls"],
"target": {
"namespace": "android_app",
"package_name": "<package_name>",
"sha256_cert_fingerprints": ["<sha256_cert_fingerprint>"]
}
}
]
Replace <package_name>
with your app's package name and <sha256_cert_fingerprint>
with your app's SHA256 certificate fingerprint.
Next, you'll need to modify the compileSdkVersion
in your app.json
to be at least 34.
{
"expo": {
"plugins": [
[
"expo-build-properties",
{
"android": {
"compileSdkVersion": 34
}
}
]
]
}
}
npx expo prebuild -p android
npx expo run:android # or build in the cloud with EAS