Getting Started
Installation
How to install and set up the Laravel Passkey API package.
Install via Composer
Terminal
composer require xefi/laravel-passkey-api
The package registers itself automatically via Laravel's package auto-discovery. No need to add the service provider manually.
Database setup
Publish the migration files:
Terminal
php artisan vendor:publish --tag=passkey-migrations
Then run the migrations:
Terminal
php artisan migrate
This creates a passkey table with the following columns:
| Column | Type | Description |
|---|---|---|
id | bigint | Primary key |
passkeeable_id | bigint | Polymorphic owner ID |
passkeeable_type | string | Polymorphic owner class (e.g. App\Models\User) |
label | string | Human-readable name for the passkey |
credential_id | text | Base64-encoded WebAuthn credential ID (indexed) |
challenge | string | Last challenge used (for replay protection) |
public_key | text | Base64-encoded CBOR-encoded COSE public key |
created_at | timestamp | |
updated_at | timestamp |
User model setup
Add the HasPasskeys trait to your User model:
app/Models/User.php
use Xefi\LaravelPasskey\Traits\HasPasskeys;
class User extends Authenticatable
{
use HasPasskeys;
// ...
}
This adds a passkeys() polymorphic Eloquent relationship (morphMany) to your model.
Configuration (optional)
Publish the configuration file if you need to customise the defaults:
Terminal
php artisan vendor:publish --tag=passkey-config
This creates config/passkey.php in your application. See the Configuration page for all available options.
The default authentication middleware uses Laravel's default
auth guard. Publish the config file to override it with a specific guard (e.g. auth:sanctum) or to change the auth_action used after a successful passkey login.