Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Can i enable passwordless login for multiple origins?
i have two sites, One for identity management and one oauth provider for login using open-id connect (i have used hydra + kratos here)
Both the sites has same root domain but i can't use passwordless login on oauth-provider site (working fine on identity management site), it's throwing "The provided authentication code is invalid, please try again." Error.
Since both site has same root domains i tried to add wildcard origin name in ory console's passwordless section (https://*.<http://xyz.com|xyz.com>) and it stopped working on both sites

Do I understand correctly that you want multiple domains to use the same WebAuthn configuration? The error you posted sounds like it’s coming from Social Sign In, which is why I’m asking.

we have multiple domains/apps that want we want to use the same webauthn. like they use the same oauth flow.

WebAuthn does not support that yet unfortunately :disappointed: <https://github.com/w3c/webauthn/issues/1372>

ah, ok, thanks. will keep track of that one.