What is best practice regarding adding multiple devices?

I’m trying out https://demo-backend.passwordless.dev/

  1. Desktop registers and is able to login
  2. Laptop tries to login but fails with error: Passwordless signin failed: The operation either timed out or was not allowed

I guess this is because the registration happened on the desktop.

What is the preferred flow for registering the laptop during signin?
Trying to register the laptop with the same alias fails with error: Ooops! Alias is already in use by another user. Please choose a unique alias

Correct me if I’m wrong, but I belive I need passkeys/synchronize keys between devices for this to work.

Or it this a parameter already available in the register/token endpoint?


instead of:


Hi @ErlendSB and thank you for your question,
What you are running into is a limitation of the demo application.

Passkeys (and webauth credentials in general) absolutely support multiple devices per user.

  • On some ecosystems, the same Credential is automatically synced between devices (e.g. Apple iCloud Keychain).
  • When moving between ecosystems, passkey supports a QR code powered system (please see the second part on the video on https://passwordless.dev)
  • Since you, as the developer, have full control to issue a “register token” to register a new credential, you can send a link in a mail/text message that gives the user such token, allowing them to register a new credential on the device for a certain userid.

We’ll be publishing more documentation and recipes on how to add multiple devices as we work towards General Availability, but right now it’s up to the developer to control this behavior.

Regarding authType, it’s a signal to the browser/os what type of authenticator the server would prefer you to use. platform refers to a authenticator that is “part of the device/operating system” and cross-platform refers to one that can be removed from the device and carried elsewhere, e.g. a Security Key usb stick.

1 Like

Great! Thanks! I’ll give this a try with my own api-key and solution. Looking forward to more documentation.

@ErlendSB Let me know how it goes. We can do quick call if you’d like to share your solution once you’ve tried it - looking forward to hear your feedback.