Implement main passkey backend (!209582) · Merge requests · GitLab.org / GitLab

Related to #569932

What does this MR do and why?

Implement main passkey backend (controllers, services, helpers & routing)

Screenshots or screen recordings

BE demo to create and delete passkeys programmatically
Integrates with the conditional UX & FE logic for default passkeys when at least 1 2FA method is enabled

Demo
passkey_controller_demo

How to set up and validate locally

Open a rails console

gdk rails console

Create a user with a WebAuthn registration and verify model changes.

user = User.first
auth1 = user.passkeys.create(
  name: 'LastPass',
  credential_xid: SecureRandom.hex,
  public_key: SecureRandom.hex,
  counter: 0,
  last_used_at: 20.days.from_now,
  authentication_mode: :passwordless
)

auth1.last_used_at
auth1.passkey_eligible

Go to https://gdk.test:3443/-/profile/two_factor_auth
Run Feature.enable(:passkeys)
Play around with the connected UI
Try to log out & log in with & without 2FA
- You won't be able to test passkey registration & sign_in yet until other frontend tasks are completed

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited Oct 22, 2025 by Hakeem Abdul-Razak

Implement main passkey backend

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports