Passkey check
hello there... how would i check either user device/browser has registerd passkey
28 Replies
@Better Auth hello there... how would i check either user device/browser has registerd passkey
Hey there! You can check if a user’s device/browser has a registered passkey by fetching the list of passkeys linked to the current user. With Better Auth, once the user is authenticated, you can call the function authClient.passkey.listUserPasskeys(), which sends a GET request to /passkey/list-user-passkeys and returns an array of the user’s registered passkeys. You can then check if this array is empty or contains passkey entries to determine if a passkey is registered [1].
Sources:
1. Passkey | Better Auth
Passkey | Better Auth
Passkey
@Better Auth but what if user have Registered passkey on another device, then lisrUserPassKeys will still retun empty arry if user didt register pass key on current device
That's expected behavior because passkeys are device‑specific. When a passkey is registered, the private key stays on that particular device, so if a user registers a passkey on one device, it isn’t automatically available on another. As a result, when you call listUserPasskeys on a different device where that passkey hasn’t been registered, the list will be empty [1].
If you need a solution that allows cross‑device authentication (for example, using a passkey stored on a phone to log in on a desktop), you might look into cross‑device flow options like QR code passkey authentication. This approach lets users authenticate with a passkey from another device through a secure QR code scan [3].
Sources:
1. Passkey | Better Auth
3. Add QR Code (Hybrid) Passkey Authentication Support
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
Passkey | Better Auth
Passkey
GitHub
Add QR Code (Hybrid) Passkey Authentication Support · Issue #2549 ...
Is this suited for github? Yes, this is suited for github Is your feature request related to a problem? Please describe. Yes. BetterAuth lacks QR code (hybrid/cross-device) passkey authentication, ...
but then how would i fetch all registered pass keys
@Better Auth but then how would i fetch all registered pass keys
You can retrieve all registered passkeys by calling the list function from the client. For example, using the Better Auth client, you’d do:
const { data: passkeys, error } = await authClient.passkey.listUserPasskeys();
This endpoint gets all passkeys registered for the authenticated user [1].
Sources:
1. Passkey | Better Auth
Passkey | Better Auth
Passkey
@Better Auth then how disabled add pass key button when i dont know either this device has registered
You can disable the “Add Passkey” button by first checking if the current user (or device) already has a registered passkey. Since Better Auth provides a way to list the user’s passkeys via the API (using authClient.passkey.listUserPasskeys), you can call that endpoint when your component mounts and then determine whether to show or disable the button based on the returned data [1].
Keep in mind that Better Auth doesn’t automatically track which device registered which passkey, so you’ll need to implement some client-side logic. For example, you might compare the list of passkeys against a locally stored identifier (if you have one) or simply disable the button if at least one passkey is registered for that user. Another approach is to leverage the conditional UI functionality that preloads registered passkeys – if a passkey is available, you could assume registration exists and disable the button accordingly [1].
This ensures a better user experience by preventing duplicate registration attempts on the same device.
Sources:
1. Passkey | Better Auth
Passkey | Better Auth
Passkey
@Better Auth how to preload passkeys
You can preload passkeys by invoking the signIn.passkey method with the autoFill option enabled so that the browser can trigger its conditional UI. Typically, you’d check if the browser supports conditional mediation (using PublicKeyCredential.isConditionalMediationAvailable) and then call the method – for example, in a React useEffect hook. This technique also requires having at least one input field with the autocomplete attribute set to "webauthn" so that the browser knows where to autofill the passkey [1].
Sources:
1. Passkey | Better Auth
Passkey | Better Auth
Passkey
@Better Auth but i dont have any input field in my ui
Hi there! It sounds like the field you're expecting might be intentionally hidden from the UI. Better Auth uses the input property to determine if an additional field should be included in user input forms. If you have input set to false (or it's defaulted that way for security reasons), then the field won’t render on your UI and must be managed in your backend logic instead [2]. Let me know if you need more details on configuring these fields!
Sources:
2. TypeScript | Better Auth
TypeScript | Better Auth
Better Auth TypeScript integration.
@Better Auth how to show error message when user has already registered device and authClient.** return same BAD_REQUEST status text for different messages
You can solve this by checking the error code in the error object returned by the authClient functions rather than relying solely on the HTTP status text. Even if the API returns the same BAD_REQUEST status text for multiple cases, the error object includes a code property that you can inspect and then map to a custom message.
For example, in your onError callback you might do something like this:
if (error && error.code === authClient.$ERROR_CODES.USER_ALREADY_EXISTS) {
// Show a specific message such as "This device is already registered."
} else {
// Handle generic bad request errors.
}
Using a custom error codes map is a common practice with Better Auth, as shown in the documentation [1]. You can even set up a custom error translation table (see the custom error messages example) to return different error messages based on the code [5]. This way, even if multiple error causes return BAD_REQUEST, your app can show specific and meaningful messages to the user.
Sources:
1. Client | Better Auth
5. Custom error messages
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
Client | Better Auth
Better Auth client library for authentication.
GitHub
Custom error messages · Issue #2400 · better-auth/better-auth
Is this suited for github? Yes, this is suited for github Is your feature request related to a problem? Please describe. Hi the better-auth community, I'm using a custom message using an after ...
@Better Auth what if api does not throw/give error but authClient return error e.g.
Better Auth’s client methods—such as passkey.addPasskey—are designed to return a result object with both data and an error property rather than immediately throwing an exception. That means if something goes wrong during the API call, you won’t necessarily see an exception; instead, you need to check the error field in the returned result. This pattern allows you to handle errors consistently without having to wrap every call in a try/catch block [12].
If you’d prefer to have errors thrown automatically (so that you can directly use try/catch without having to manually check for an error), you can configure your auth client with the throwOnError option. This setting changes the behavior of the async methods so that they will throw an error when one occurs instead of returning it in the result [5].
In your example, if you call:
const result = await authClient.passkey.addPasskey({ name });
…make sure to verify result.error before proceeding, or configure throwOnError if that better fits your workflow.
Sources:
12. Client | Better Auth
5. throwOnError mode?
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
Client | Better Auth
Better Auth client library for authentication.
GitHub
throwOnError mode? · Issue #2456 · better-auth/better-auth
Is this suited for github? Yes, this is suited for github Is your feature request related to a problem? Please describe. Minor problem - it's cumbersome constantly doing const {error, data} = a...
@Better Auth the error returned by addPassKey has same statusText for more than one action
Hi there! It sounds like you've encountered the same issue we’re aware of in the passkey plugin. Specifically, the addPasskey method currently doesn’t include a proper error code in its response, which can result in similar or identical statusText values for different error scenarios [1]. This issue is already being tracked, and our team is working toward providing more granular error handling in an upcoming release.
Let me know if you have any other questions or need further clarification!
Sources:
1. Plugin: Passkey - addPasskey is missing error code in Promise
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
GitHub
Plugin: Passkey - addPasskey is missing error code in Promise · Is...
Is this suited for github? Yes, this is suited for github To Reproduce setup better auth to use passkeys attempt to use add passkey when session is not fresh Current vs. Expected behavior current: ...
@Better Auth it does not return code in response this is error i get if device previously registered
Hey there! The error response you’re seeing—returning a message of "previously registered" with a 400 status but no “code” field—is an indication that the device has already been registered, and the current response format for that endpoint doesn’t include a dedicated error code.
At the moment, Better Auth’s error responses vary by endpoint and aren’t consistently including a “code” key. We’ve seen similar cases (for example, in the captcha plugin where earlier errors only returned a message) and upcoming changes are planned to standardize these responses with an added “code” field for easier error handling [11].
For now, you can detect the “previously registered” scenario by checking the error message and status code. If a distinct code is important for your implementation, keep an eye on future releases or consider a custom error handling tweak in your project.
Hope that helps!
Sources:
11. feat(captcha): add "code" key to error responses for standardized error handling
GitHub
Build software better, together
GitHub is where people build software. More than 150 million people use GitHub to discover, fork, and contribute to over 420 million projects.
GitHub
feat(captcha): add "code" key to error responses for standardized e...
Captcha plugin only returned "message" in response errors. This PR add "code" key that already are present in other endpoints.
@Better Auth how ensure that team is working on this bug
Hey there! For this particular bug—which appears to be the issue with setActiveOrganization not properly checking membership by slug or id—you can rest assured that our team is actively tracking it. The GitHub issue shows that it’s open and has already been logged, so we're keeping an eye on it and working towards a fix [1]. If you have any further details or insights, feel free to share them so we can prioritize the work even better!
Sources:
1. Check membership in
setActiveOrganization does not consider slug or idGitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
GitHub
Check membership in
setActiveOrganization does not consider slug ...Is this suited for github? Yes, this is suited for github To Reproduce Use organization plugin Enable teams Call auth.api.setActiveOrganization with organizationSlug Current vs. Expected behavior I...
noticed this too, just made a PR to use the name field.
https://github.com/better-auth/better-auth/pull/3587
GitHub
feat(passkey): allow custom passkey name during registration by Fyo...
Summary
Fixes an issue in the Passkey plugin where the name parameter provided during registration was previously ignored. The implementation now correctly passes and applies the name as the userNa...
hi @Fyoxy your pr proposes custom name for passkey...?
correct, but it seems like you have some other issue, the name part just caught my eye
yeah my issue was, addPassKey does not return error code, i went with manual add pass key method with @simplewebauthn/browser to get full control over error message
that's odd, the result should have an error property and I have handled errors from there before
I have had the issue where the response hangs until I send another one, but that has been due to the password manager
it has error prop but error does not have code prop