Skip to main content

Configuration

Default configuration keys for @quik/passport. See Config Keys and Environment Variables for the full generated table.

  • auth.passkey.challenge.timeToLiveMs (default 300000) controls how long a passkey registration/authentication challenge stays valid.
  • auth.passkey.relyingParty.id (default localhost) is the WebAuthn relying party domain identifier, e.g. example.com.
  • auth.passkey.relyingParty.name (default Quik) is the user-facing app name shown by passkey-capable clients/authenticators.
  • auth.passkey.http.* configures the built-in passkey HTTP routes: enabled, basePath (default /auth/passkey), persistSession, issueBearerToken, bearerTokenExpiresIn (default 1h).
  • docs.scalar.passkey.* configures the optional Scalar API docs integration for passkey auth: enabled, title, description, begin.url/begin.method, verify.url/verify.method, authorization.headerName/authorization.scheme/authorization.tokenPath, includeCredentials.

Dependencies

@quik/passport depends on @quik/http-express, @quik/authorization, and @quik/entity. It registers Passport runtime middleware into the Express engine during onAfterInit, so @quik/http-express must be loaded for strategies and OAuth providers to be wired up.