Update: Context on Use Case I’m integrating Passkey into a financial-related app, where security and risk mitigation are top priorities. For compliance and anti-fraud reasons, we want to strictly restrict Passkey creation and usage to the current device only. The earlier observation (that allowedCredentials works for authentication) gives us hope, but we still haven’t found a way to achieve the same restriction for registration. Any insights tailored to financial app security requirements would be especially valuable.

Hey there! I saw your post about trying to hide the "Save to another device" option during Passkey registration—and I’m dealing with the exact same issue right now! We’re building a financial app, so restricting Passkey creation/use to the current device is non-negotiable for security and compliance reasons. I noticed your post was a bit back, so I wanted to check: did you ever figure this out? If you did, any little tips or fixes you could share would be a total lifesaver. Thanks so much in advance!

let assertionRequest = provider.createCredentialAssertionRequest(challenge: challenge) assertionRequest.allowedCredentials = allowedCredentials