This feature is only for Dynamic Embedded Wallets and is available from SDK version V1.1 and above. Once upgraded, new and existing Dynamic embedded wallets will be able to use one-time codes if enabled in your Dynamic dashboard.
You can now allow your end users to transact using one-time email verification codes rather than passkeys. This means:
- It’s even simpler for customers to transact - especially if they use older devices and browsers.
- It’s much easier to embed Dynamic across many domains where a passkey would be needed for each.
- You can use passkeys as a 2FA method and not as the initial signing method for transactions.
Passkeys offer an intuitive and step-forward experience for developers and users alike by utalizing popular keychain managers like iCloud or 1Password to safely secure and enable cross-device experience. In some cases however, the experience of passkeys is still a few steps too advanced and developers want an alternative for their users to complete transactions using even more familiar functions. One-time codes offer a great solution.
Additionally, for customers that use Dynamic as an embedded solution across domains, the one-time code option offers flexibility as users would otherwise need to set up a passkey for each domain they interact with.
How it works
Using an authenticated email, Dynamic sends a secure one-time code (encoded in base65) at the time a transaction is initiated. This code must be pasted by the end-user and will grant them access to sign for transactions for their wallet. An encrypted key is stored in local storage based on a defined length of time (in the dashboard) so users can continue transacting without an additional prompt.
One-time codes can also be combined with passkeys:
- Users can utilize one-time codes for their initial transaction, and get prompted to add a passkey afterward.
- One-time codes can be used as a fallback for users who run into issues with their passkey.
- If used as the only signing method, you must combine this with Pregenerated Wallets.
- If the user closes their session, the key will expire on its own.
- If the user traverses devices during this session, it will require a new code.
How to set it up
Enable Embedded Wallets
Go to the email, social & embedded wallet section of the dashboard, enable dynamic embedded wallets.
Enable One Time Codes
Inside the embedded wallet configuration section, under “Signing & Security Methods”, toggle on “One-time code” either on it’s own or with Passkeys.
Session key configuration
Choose your session key length or keep the default of thirty minutes
End user experience
No matter what configuration you have for one time codes/passkeys, the user logs in and has an embedded wallet created invisibly. From then on, the experience depends on how you have set up the further configuration.
Users can utilize one-time codes in three simple steps.
One-time code prompt
With one-time codes enabled, when the end user attempts to perform an action with their wallet they will be prompted to enter a one-time code sent to their email.
One-time code email
Users will receive an email with a one-time code that they can paste into the modal.
One-time code confirmation
Once the code is confirmed, a session will be created. Users can continue performing actions with their wallet without an additional code until their session expires.