> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dfns.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Passkey settings migration

> Migrating from Application-bound rpId/origin to separate Passkey Settings.

<Warning>
  This migration is nearing completion. The `rpId` and `origin` properties will be removed from all Dfns Applications after the transition period ends. Update your client-side code now if you haven't already.
</Warning>

## What changed

Passkey domain configuration (`rpId` and `origin`) has moved from Dfns Applications to a dedicated **Settings > Passkeys** page in the dashboard. The relying party ID is no longer returned in challenge payloads. Your client-side code must specify it explicitly.

For full details on rpId rules, domain whitelisting, and mobile app setup, see [WebAuthn configuration](/guides/developers/webauthn-configuration).

## Required code change

Stop relying on the `rpId` returned in challenge payloads. Instead, specify the relying party explicitly when initializing your signer.

<Tabs>
  <Tab title="Web (TypeScript SDK)">
    Upgrade to `@dfns/sdk` and `@dfns/sdk-browser` v0.6.0+:

    ```typescript theme={null}
    // before
    const signer = new WebAuthnSigner()

    // after
    const signer = new WebAuthnSigner({
      relyingParty: { id: 'acme.com', name: 'Acme' }
    })
    ```
  </Tab>

  <Tab title="Web (no SDK)">
    Provide the relying party in `navigator.credentials.create()` and `navigator.credentials.get()`:

    ```typescript theme={null}
    // passkey creation
    const cred = await navigator.credentials.create({
      publicKey: {
        ...,
        rp: { id: 'acme.com', name: 'Acme' }
      }
    })

    // passkey usage
    const cred = await navigator.credentials.get({
      publicKey: {
        ...,
        rpId: 'acme.com'
      }
    })
    ```
  </Tab>

  <Tab title="React Native">
    Upgrade to `@dfns/sdk-react-native` v0.6.0+:

    ```typescript theme={null}
    // before
    const signer = new PasskeySigner()

    // after
    const signer = new PasskeySigner({
      relyingParty: { id: 'acme.com', name: 'Acme' }
    })
    ```
  </Tab>

  <Tab title="Flutter">
    Upgrade to `dfns_sdk_flutter` v0.0.5+:

    ```dart theme={null}
    // before
    final passkeysSigner = PasskeysSigner()

    // after
    final passkeysSigner = PasskeysSigner(
      relyingPartyId: 'acme.com',
      relyingPartyName: 'Acme'
    );
    ```
  </Tab>

  <Tab title="iOS (Swift)">
    ```swift theme={null}
    // before
    let signer = PasskeysSigner()

    // after
    let signer = PasskeysSigner(relyingPartyId: "acme.com")
    ```
  </Tab>
</Tabs>

## Dashboard setup

Whitelist your domains in **Settings > Passkeys**. All `rpIds` previously configured on your Applications have been pre-filled with `origins = *`.

You no longer need separate Applications per domain. If all your Applications have the same permissions, you can use a single Application ID everywhere.

## Related

<CardGroup cols={2}>
  <Card title="Configure WebAuthn" icon="gear" href="/guides/developers/webauthn-configuration">
    rpId rules, domain setup, mobile apps, and troubleshooting
  </Card>

  <Card title="Applications deprecation" icon="triangle-exclamation" href="/deprecation/applications-deprecation">
    Broader changes to the Application model
  </Card>
</CardGroup>