This feature is only for Dynamic Embedded Wallets and is available from SDK version V1.1 and above. Once upgraded, new and existing Dynamic embedded wallets will be able to use one-time codes if enabled in your Dynamic dashboard.

You can now allow your end users to transact using one-time email verification codes rather than passkeys. This means:

  • It’s even simpler for customers to transact - especially if they use older devices and browsers.
  • It’s much easier to embed Dynamic across many domains where a passkey would be needed for each.
  • You can use passkeys as a 2FA method and not as the initial signing method for transactions.

Background

Passkeys offer an intuitive and step-forward experience for developers and users alike by utalizing popular keychain managers like iCloud or 1Password to safely secure and enable cross-device experience. In some cases however, the experience of passkeys is still a few steps too advanced and developers want an alternative for their users to complete transactions using even more familiar functions. One-time codes offer a great solution.

Additionally, for customers that use Dynamic as an embedded solution across domains, the one-time code option offers flexibility as users would otherwise need to set up a passkey for each domain they interact with.

How it works

Using an authenticated email, Dynamic sends a secure one-time code (encoded in base65) at the time a transaction is initiated. This code must be pasted by the end-user and will grant them access to sign for transactions for their wallet. An encrypted key is stored in local storage based on a defined length of time (in the dashboard) so users can continue transacting without an additional prompt.

One-time codes can also be combined with passkeys:

  1. Users can utilize one-time codes for their initial transaction, and get prompted to add a passkey afterward.
  2. One-time codes can be used as a fallback for users who run into issues with their passkey.

Restrictions

  1. If used as the only signing method, you must combine this with Pregenerated Wallets.
  2. If the user closes their session, the key will expire on its own.
  3. If the user traverses devices during this session, it will require a new code.

How to set it up

1

Enable Embedded Wallets

Go to the email, social & embedded wallet section of the dashboard, enable dynamic embedded wallets.

2

Enable One Time Codes

Inside the embedded wallet configuration section, under “Signing & Security Methods”, toggle on “One-time code” either on it’s own or with Passkeys.

3

Session key configuration

Choose your session key length or keep the default of thirty minutes

End user experience

No matter what configuration you have for one time codes/passkeys, the user logs in and has an embedded wallet created invisibly. From then on, the experience depends on how you have set up the further configuration.

Users can utilize one-time codes in three simple steps.

1

One-time code prompt

With one-time codes enabled, when the end user attempts to perform an action with their wallet they will be prompted to enter a one-time code sent to their email.

2

One-time code email

Users will receive an email with a one-time code that they can paste into the modal.

3

One-time code confirmation

Once the code is confirmed, a session will be created. Users can continue performing actions with their wallet without an additional code until their session expires.

FAQ