Welcome to this comprehensive step-by-step tutorial designed to guide you through the process of setting up a backend environment for a passkeys using Docker Desktop. It will also guide you through the process of obtaining an Apple Developer Team-ID, a unique identifier required to manage your team on Apple’s Developer platform.
By the end of this tutorial, you’ll have a fully functional backend setup for your passkey workshop, and you’ll be capable of managing and running your applications more effectively.
Happy learning!
1. install Docker Desktop
https://www.docker.com/products/docker-desktop/
2. install Git
3. get Apple Developer Team-ID (Optional)
https://developer.apple.com/help/account/manage-your-team/locate-your-team-id/
4. setup the backend
automated / script (macOS and Linux):
!! for windows scroll down
- Clone the repository
git clone https://github.com/YubicoLabs/passkey-workshop
- Navigate to the deploy folder
cd passkey-workshop/deploy
- run the mobile.sh script
./cloudflared.sh
- edit .env file
- open the file
nano .env
- make changes
- if you have a Team-ID -> add it here
- if you don’t have a Team-ID -> change one character
- run the mobile.sh script again
./cloudflared.sh
- copy the url from the shell
- open the url in a browser
(use https://)
- go to the TestPanel
- you can now register and sign in with passkeys
- note: only the TestPanel is working!
manual (windows):
- start Powershell
- Clone the repository
git clone https://github.com/YubicoLabs/passkey-workshop
- Navigate to the deploy folder
cd passkey-workshop/deploy
- Copy the environment file
cp cloudflared.env .env
- Copy the frontend code
cp -r ../examples/clients/web/react/passkey-client/ react-app/source
- (optional) Edit the apple-app-site-association file with your Apple TeamID.
nano react-app/source/public/.well-known/apple-app-site-association
{
"webcredentials": {
"apps": [
"UVWXYZ1234.fyi.passkey.pawskeyUVWXYZ1234"
]
}
}
- Build the passkey-client
docker compose build passkey-client
- Copy the backend code
cp -r ../examples/relyingParties/java-spring/ java-app/source/
- Start your tunnel
docker compose --profile tunnel up -d
- Lookup the tunnel URL in cloudflared’s output, either in Docker Desktop or using
docker compose --profile tunnel logs
*example log:*
INF +--------------------------------------------------------------------------------------+
INF | Your quick Tunnel has been created! Visit it at (it may take some time to be reachable): |
INF | https://your-proxied-tunnel-endpoint.trycloudflare.com |
INF +--------------------------------------------------------------------------------------+
- Edit your .env file and set the values of
RP_ID
,RP_ALLOWED_ORIGINS
, andRP_ALLOWED_CROSS_ORIGINS
to your assigned hostname
RP_ID=replace-with-your-hostname.trycloudflare.com
RP_ALLOWED_ORIGINS=replace-with-your-hostname.trycloudflare.com
RP_ALLOWED_CROSS_ORIGINS=replace-with-your-hostname.trycloudflare.com
Also edit the URL for your RP backend API so it includes your tunnel hostname
REACT_APP_API=https://replace-with-your-hostname.trycloudflare.com/v1
- run
docker compose --profile mobile up -d
- open the url in a browser
- go to the TestPanel
- you can now register and sign in with passkeys
- note: only the TestPanel is working!