(Step-by-Step Setup)
SETUP (General)

Go to Settings > General and check "Expose the option to add an ID attribute to HTML elements".

Place the BioPass element on your page.

PART A: Registration (Hyrbid Flow)

  - Create a button "Setup Passkey".

  - Run Action: BioPass - Register Passkey.

  - On Event Registration Success:

  - Pro: Run Plugin Action BioPass - Verify Registration (Server). If valid, save the Credential ID and Public Key to your Database (create a new Data Type Passkey).


PART B: Conditional UI (Autofill Login - Pro Only)

  - Give your Email Input the ID Attribute: input_passkey_login (Exact spelling).

  - Create a Workflow: Do when condition is true -> BioPass Registration JSON is not empty (or whenever the input becomes visible).

  - Run Action: BioPass - Start Conditional UI.

  - Result: When the user clicks the email field, the biometric prompt appears automatically.

  - Requirement: The target Input element must have the ID Attribute input_passkey_login.

PART C: Login

On Event Login Success:

Pro: Run Plugin Action BioPass - Verify Login (Server). Verify against the saved Public Key in your DB. If valid -> Log the user in.



🛡️ The Golden Rule of V2 Security:
In BioPass V2, Server-Side Challenges are MANDATORY for backend verification (Verify Registration and Verify Login). While the frontend elements can auto-generate challenges if left blank, your Backend API Workflows must receive the exact challenge used by the frontend to validate the biometric signature.

🛠️ Step-by-Step: The Perfect V2 Architecture
Step 1: Generate the Challenge (Frontend & UI)

On Page Load (or when the Login/Register popup opens), run the BioPass Client Action to generate/refresh a challenge.

Store this challenge in a Custom State (e.g., Current_Challenge).

When the user clicks "Register" or "Login", run the BioPass - Register/Login action and pass the Current_Challenge state into the Challenge input.

Step 2: Sending Data to the Backend
When the registration_success or login_success event triggers, schedule your API Workflow. You must send:

The JSON output from the BioPass element.

The exact Challenge used (from your Custom State).

The Origin URL (e.g., Website home URL :find and replace /$).

Step 3: 🧩 The Regex Trick (Finding the Right Key during Login)
During login, you need to find the user's Public Key in your database before you can verify it. To do this, you must extract the Credential_id from the Login JSON sent by the frontend:

In your Schedule API Workflow action, pass a text parameter called cred_id.

Set its value to: BioPass's login_json :extract with Regex

Use this exact Regex pattern: (?<="id":")[^"]+

Select :first item.

Step 4: Backend Verification (Verify Login / Verify Registration)
Inside your API Workflow, place the Server-Side verification action:

Expected Challenge: The challenge parameter you passed from the frontend.

Expected Origin: The URL parameter you passed from the frontend.

Stored Credential ID: The cred_id you extracted using Regex!

Stored Public Key: Do a search for Credentials (ID = cred_id) :first item's Public_key.

If Verified = yes, log the user in and update the database counter!