Expo Go is a fantastic tool for React Native development, allowing you to quickly iterate on your app without the need for native builds. However, it comes with an important limitation:
Expo Go does not natively support passkeys due to its limitations in handling native code dependencies. Passkey authentication requires native modules that are not compatible with Expo Go's managed environment.
The core issue stems from the architecture of Expo Go:
- Sandboxed Environment: Expo Go runs your JavaScript code in a pre-built native container that has limited ability to incorporate custom native modules.
- Native Dependencies: Passkey implementation requires platform-specific native code to interact with the device's security features.
- Managed Workflow Limitations: In Expo's managed workflow, you can't directly modify the native code or add custom native modules without ejecting.
Options for Implementing Passkeys in React Native with Expo
Option 1: Use Development Builds (Recommended)
The most effective approach is to use Expo's development builds while staying within the Expo ecosystem:
With development builds, you can:
- Add custom native modules via config plugins
- Use Expo's managed workflow for most features
- Test native functionality on real devices
Option 2: Use Config Plugins with EAS Build
Expo's config plugins system allows you to modify native code without ejecting:
- Create a config plugin for passkey implementation:
- Register the plugin in your app.json:
Option 3: Use Expo's Prebuild to Generate a Native Project
This command generates the necessary native code for your project, allowing you to directly modify native modules while still using Expo tools.
How to implement Passkeys in React Native using AuthSignal
We’ll be using Authsignal’s React Native SDK to add passkeys
Step 1: Install the SDK
Step 2: Configure Native Requirements
After you have configured your Relying Party on Authsignal Portal, you should follow the steps below.
For iOS:
- Host an apple-app-site-association file on your domain that matches your relying party:
The response should contain:
Where ABCDE12345 is your team ID and com.example.app is your bundle identifier.
- In XCode under “Signing & Capabilities” add a
webcredentialsentry for your domain / relying party e.g.example.com:
.png)
For Android:
- Host an assetlinks.json file on your domain that matches your relying party:
The response JSON should look something like this:
- Finally, you will need to add an expected origin value for your APK hash when configuring passkeys in the Authsignal Portal.
.png)
Step 3: Initialize the Authsignal Client
You can find your tenant ID in the Authsignal Portal.
Step 4: Implement Passkey Registration
Step 5: Implement Passkey Authentication
Note: On your backend, you'll need to validate the Authsignal token using the Authsignal Server SDK. This verifies that the passkey authentication was successful and hasn't been tampered with. For implementation details, see Authsignal's backend validation documentation.
That’s it, you’ve successfully added passkeys to your React Native Application.
Conclusion
By using development builds with Authsignal's SDK, you can implement secure passkey authentication while staying in the Expo ecosystem.
The initial setup requires more effort than using Expo Go, but the security and UX benefits for your users make it worthwhile. Passkeys eliminate password-related vulnerabilities while providing a seamless authentication experience. If passkeys are important for your app, the transition from Expo Go is a necessary and valuable investment.
%2520(1).png)