Have you searched for an existing feature request?
Brief Summary
Passkeys are tied to a specific website and can only be used to log in to the website for which they were created.
This is specified in the Relying Party ID (RP ID).
Websites with multiple domains: Users cannot use the same passkey to log in to different subdomains (e.g., dashboard.example.com and portal.example.com) managed by the same web application.
Related origin requests offer a solution here.
https://web.dev/articles/webauthn-related-origin-requests
Example
The user can log in with the same passkey at dashboard.example.com and portal.example.com. (Both subdomains have their own sessions.)
Context
Some websites use the “Related Origin Requests” feature.
Have you searched for an existing feature request?
Brief Summary
Passkeys are tied to a specific website and can only be used to log in to the website for which they were created.
This is specified in the Relying Party ID (RP ID).
Websites with multiple domains: Users cannot use the same passkey to log in to different subdomains (e.g., dashboard.example.com and portal.example.com) managed by the same web application.
Related origin requests offer a solution here.
https://web.dev/articles/webauthn-related-origin-requests
Example
The user can log in with the same passkey at dashboard.example.com and portal.example.com. (Both subdomains have their own sessions.)
Context
Some websites use the “Related Origin Requests” feature.