ChatGPT Atlas Passkeys Support

+70-page Enterprise Passkey Whitepaper:
Learn how leaders get +80% passkey adoption. Trusted by Rakuten, Klarna & Oracle

Get free Whitepaper

Last updated: January 12, 2026

With ChatGPT Atlas, OpenAI's new browser embedded with ChatGPT, users naturally wonder: How well does ChatGPT Atlas support passkeys? Does it support platform passkeys and access to existing credential stores and password managers?

This article examines Atlas's passkey implementation, explores its technical characteristics and answers these critical questions about compatibility and limitations.

This article covers:

1. Platform passkey support and technical details
2. Atlas's unique AAGUID implementation
3. Cross-device authentication limitations
4. Future outlook and recommendations

ChatGPT Atlas supports creating platform passkeys through the WebAuthn API. Early Atlas builds produced device-bound credentials (as shown in the attestation below). However, Atlas has since added iCloud Passkeys support, allowing users to save and use iCloud Keychain passkeys in Atlas (ChatGPT Atlas release notes).

Important: When creating a passkey, Atlas defaults to its local profile (device-bound). To save a passkey to iCloud Keychain instead, select "Save another way" during the passkey creation flow:

ChatGPT Atlas defaults to creating device-bound passkeys, with the option to save another way.

The dialog shows "This passkey will only be saved on this device" — confirming the default is device-bound. Click "Save another way" to select iCloud Keychain instead.

When creating a passkey in Atlas, the authentication response reveals key characteristics. View the complete passkey debugger result.

The complete attestation response structure:

{
    "authenticatorAttachment": "platform",
    "id": "3WdZppEzL4aki7N5rYDZkN4AMebVxQKKCCw5-Nr48Kk",
    "rawId": "3WdZppEzL4aki7N5rYDZkN4AMebVxQKKCCw5-Nr48Kk",
    "response": {
        "attestationObject": "o2NmbXRmcGFja2VkZ2F0dFN0bXSiY2FsZyZjc2lnWEcwRQIgJqZ34SrRZDef5wwv9HivRVeBV1TbtXdSf02ZPlrFny4CIQDDp3nuUZc8iSlfjMd1U5ahTY6eFRIOn7a7H9SBg5Q-TWhhdXRoRGF0YVikPpZrl-Wqt-OFfBpyy2SraN1m7LT0GZORwGA7-6ujYkNFAAAAAMNZbku1oUftuXkLQng2jR4AIN1nWaaRMy-GpIuzea2A2ZDeADHm1cUCiggsOfja-PCppQECAyYgASFYIBvmw3MGkihD6xtMJGHGuVppqiyIBAwTceS3IZv7PtDSIlggHHerXJuTzxnMtVghblDP10UA-V9OhSGWDRsyoLfU6yE",
        "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiVlFHME1EQkVFVEg4Q3NaZGd6ZVh5Wno4VGwwaGU0OWNKMENfYjlJQ3RGdyIsIm9yaWdpbiI6Imh0dHBzOi8vd3d3LnBhc3NrZXlzLWRlYnVnZ2VyLmlvIiwiY3Jvc3NPcmlnaW4iOmZhbHNlfQ",
        "transports": ["internal"],
        "authenticatorData": "PpZrl-Wqt-OFfBpyy2SraN1m7LT0GZORwGA7-6ujYkNFAAAAAMNZbku1oUftuXkLQng2jR4AIN1nWaaRMy-GpIuzea2A2ZDeADHm1cUCiggsOfja-PCppQECAyYgASFYIBvmw3MGkihD6xtMJGHGuVppqiyIBAwTceS3IZv7PtDSIlggHHerXJuTzxnMtVghblDP10UA-V9OhSGWDRsyoLfU6yE",
        "publicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEG-bDcwaSKEPrG0wkYca5WmmqLIgEDBNx5Lchm_s-0NIcd6tcm5PPGcy1WCFuUM_XRQD5X06FIZYNGzKgt9TrIQ",
        "publicKeyAlgorithm": -7
    },
    "type": "public-key",
    "clientExtensionResults": {}
}

Key fields from the attestation response:

Authenticator Attachment: "authenticatorAttachment": "platform" indicates the passkey uses a platform authenticator (built-in). Whether it’s device-bound or synced depends on the passkey provider and backup flags.

Transport: "transports": ["internal"] indicates the credential is stored in a platform authenticator. This does not, by itself, tell you whether the passkey can sync.

Credential ID: "id": "3WdZppEzL4aki7N5rYDZkN4AMebVxQKKCCw5-Nr48Kk" uniquely identifies this passkey but provides no link to external credential stores.

The parsed attestation response reveals additional details:

{
    "authenticatorAttachment": "platform",
    "id": "3WdZppEzL4aki7N5rYDZkN4AMebVxQKKCCw5-Nr48Kk",
    "rawId": "3WdZppEzL4aki7N5rYDZkN4AMebVxQKKCCw5-Nr48Kk",
    "response": {
        "attestationObject": {
            "fmt": "packed",
            "attStmt": {
                "alg": "ES256 (-7)",
                "sig": "MEUCICamd-Eq0WQ3n-cML_R4r0VXgVdU27V3Un9NmT5axZ8uAiEAw6d57lGXPIkpX4zHdVOWoU2OnhUSDp-2ux_UgYOUPk0"
            },
            "authData": {
                "rpIdHash": "PpZrl-Wqt-OFfBpyy2SraN1m7LT0GZORwGA7-6ujYkM",
                "flags": {
                    "userPresent": true,
                    "userVerified": true,
                    "backupEligible": false,
                    "backupStatus": false,
                    "attestedData": true,
                    "extensionData": false
                },
                "counter": 0,
                "aaguid": {
                    "raw": "c3596e4b-b5a1-47ed-b979-0b4278368d1e",
                    "name": "Unknown"
                },
                "credentialID": "3WdZppEzL4aki7N5rYDZkN4AMebVxQKKCCw5-Nr48Kk",
                "credentialPublicKey": "pQECAyYgASFYIBvmw3MGkihD6xtMJGHGuVppqiyIBAwTceS3IZv7PtDSIlggHHerXJuTzxnMtVghblDP10UA-V9OhSGWDRsyoLfU6yE",
                "parsedCredentialPublicKey": {
                    "keyType": "EC2 (2)",
                    "algorithm": "ES256 (-7)",
                    "curve": 1,
                    "x": "G-bDcwaSKEPrG0wkYca5WmmqLIgEDBNx5Lchm_s-0NI",
                    "y": "HHerXJuTzxnMtVghblDP10UA-V9OhSGWDRsyoLfU6yE"
                }
            }
        },
        "clientDataJSON": {
            "type": "webauthn.create",
            "challenge": "VQG0MDBEETH8CsZdgzeXyZz8Tl0he49cJ0C_b9ICtFw",
            "origin": "https://www.passkeys-debugger.io",
            "crossOrigin": false
        },
        "transports": ["internal"],
        "authenticatorData": "PpZrl-Wqt-OFfBpyy2SraN1m7LT0GZORwGA7-6ujYkNFAAAAAMNZbku1oUftuXkLQng2jR4AIN1nWaaRMy-GpIuzea2A2ZDeADHm1cUCiggsOfja-PCppQECAyYgASFYIBvmw3MGkihD6xtMJGHGuVppqiyIBAwTceS3IZv7PtDSIlggHHerXJuTzxnMtVghblDP10UA-V9OhSGWDRsyoLfU6yE",
        "publicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEG-bDcwaSKEPrG0wkYca5WmmqLIgEDBNx5Lchm_s-0NIcd6tcm5PPGcy1WCFuUM_XRQD5X06FIZYNGzKgt9TrIQ",
        "publicKeyAlgorithm": -7
    },
    "type": "public-key",
    "clientExtensionResults": {}
}

Notable parsed values: "backupEligible": false and "backupStatus": false indicate this credential is not backup-eligible and is not backed up (i.e., device-bound). The AAGUID is "raw": "c3596e4b-b5a1-47ed-b979-0b4278368d1e".

Atlas's client capabilities show broad WebAuthn feature support:

{
    "conditionalCreate": true,
    "conditionalGet": true,
    "extension:appid": true,
    "extension:appidExclude": true,
    "extension:credBlob": true,
    "extension:credProps": true,
    "extension:credentialProtectionPolicy": true,
    "extension:enforceCredentialProtectionPolicy": true,
    "extension:getCredBlob": true,
    "extension:hmacCreateSecret": true,
    "extension:largeBlob": true,
    "extension:minPinLength": true,
    "extension:payment": true,
    "extension:prf": true,
    "hybridTransport": true,
    "passkeyPlatformAuthenticator": true,
    "relatedOrigins": true,
    "signalAllAcceptedCredentials": true,
    "signalCurrentUserDetails": true,
    "signalUnknownCredential": true,
    "userVerifyingPlatformAuthenticator": true
}

Despite comprehensive WebAuthn capability support (including "hybridTransport": true for QR code authentication), device-bound credentials limit practical usability.

The passkey shown above is device-bound. If you create a passkey in Atlas and it is not backup-eligible (e.g. "backupEligible": false), that passkey exists only on that device. You cannot:

• Access it from another device
• Sync it via iCloud Keychain
• Transfer it to another browser

Separately, Atlas can also save and use iCloud Keychain passkeys, which do sync across your Apple devices (ChatGPT Atlas release notes). To use iCloud Keychain, choose "Save another way" when prompted — the default saves to Atlas's local profile.

ChatGPT Atlas introduces a new Authenticator Attestation Global Unique Identifier (AAGUID): c3596e4b-b5a1-47ed-b979-0b4278368d1e.

The AAGUID is a 128-bit identifier that indicates the authenticator model. This identifier appears in the authenticatorData (specifically in the attestationObject) during passkey creation, allowing websites to determine what type of authenticator created the credential.

For comparison, Chrome on Mac uses: adce0002-35bc-c60a-648b-0b25f1f05503

Atlas's unique AAGUID indicates a distinct authenticator implementation. However, an AAGUID is simply an identifier for the authenticator model (it does not define sync or credential-store integration behavior) (FIDO AAGUID definition, WebAuthn authenticator data).

Atlas having its own AAGUID does not, by itself, mean Atlas is (or will remain) isolated from external credential stores. Sync and interoperability are product decisions that can change over time.

Historical Context: Some ecosystems started with device-bound credentials and later added syncing. Atlas similarly shipped with device-bound credentials (see "backupEligible": false above) and later added iCloud Keychain passkey support (ChatGPT Atlas release notes).

While Atlas supports WebAuthn's cross-device authentication flow, the experience differs significantly from cloud-synced passkey ecosystems.

QR Code Flow: When accessing a website that requires authentication:

1. Atlas displays a QR code on the screen
2. You scan it with your mobile phone
3. Your phone (with its own passkeys stored in e.g. iCloud Keychain) completes the authentication
4. The session is established on your Atlas browser

Practical Impact: This works but adds friction when your passkeys live in a synced provider that Atlas does not directly integrate with. On Apple devices, Atlas can save and use iCloud Keychain passkeys directly (ChatGPT Atlas release notes).

Passkeys stored in iCloud Keychain: Atlas can save and use iCloud Keychain passkeys directly (ChatGPT Atlas release notes).

Logging in to Google: Basic authentication to Google services works in Atlas (via OAuth / OIDC), but don't expect the seamless passkey experience you get in Chrome or Safari where your credentials are readily available.

The current limitations suggest Atlas's passkey implementation is in its early stages. Several developments seem likely:

Synchronization: OpenAI may eventually enable passkey synchronization across Atlas installations, similar to how other browsers evolved from device-bound to synced passkeys.

Password Manager Integration: 1Password already supports Atlas via browser extension (release notes). Other password managers (Bitwarden, Dashlane, etc.) may follow.

OpenAI Agent Access: A compelling possibility is that OpenAI could make Atlas passkeys accessible to OpenAI agents. Imagine AI assistants that can authenticate on your behalf using securely managed passkeys - a natural extension of OpenAI's broader agent vision. This could enable agents to perform authenticated actions across services while maintaining security through passkey-based authentication.

ChatGPT Atlas represents OpenAI's ambitious entry into the browser space, but its passkey implementation remains limited. Let's answer the questions posed at the beginning:

Atlas supports passkeys, including device-bound platform passkeys (as shown in the attestation above) and iCloud Keychain passkeys (ChatGPT Atlas release notes). The implementation uses WebAuthn correctly, but capabilities depend on which passkey provider you use.

Yes, Atlas supports platform passkeys. The "authenticatorAttachment": "platform" parameter and "transports": ["internal"] confirm that passkeys are created using a platform authenticator. Whether a passkey is device-bound or synced depends on the passkey provider (e.g. Atlas device-bound vs iCloud Keychain).

Yes, Atlas supports external security keys (roaming authenticators) such as YubiKeys. The WebAuthn implementation in Atlas handles both platform authenticators and roaming authenticators. You can register and authenticate with a hardware security key connected via USB, NFC, or Bluetooth.

Yes, Atlas integrates with:

• iCloud Keychain: Save and use iCloud Keychain passkeys (release notes)
• 1Password: Full browser extension support with autofill and passkey management (release notes, 1Password blog)

Note: Google Password Manager does not work in Atlas — it's built into Chrome and cannot be installed as an extension. For passkeys stored there, use QR code-based cross-device authentication.

Atlas's unique AAGUID (c3596e4b-b5a1-47ed-b979-0b4278368d1e) identifies the authenticator model; it does not determine credential-store integration (FIDO spec).

Do:

• Use iCloud Keychain: Select "Save another way" when creating passkeys to sync across your Apple devices.
• Install 1Password: The 1Password browser extension works in Atlas with full autofill and passkey support (release notes).
• Use QR codes: For passkeys stored in providers without Atlas extensions (e.g. Google Password Manager, Bitwarden), use QR code-based cross-device authentication.

Don't:

• Rely on defaults: Avoid device-bound passkeys (the default) if you need multi-device access.
• Expect Google Password Manager: It's built into Chrome and cannot be installed in Atlas — use QR codes instead.

For now, Atlas passkeys are best avoided for critical accounts. The infrastructure exists but lacks the polish and integration of mature passkey implementations in Chrome, Safari or Edge. As OpenAI develops Atlas, expect these capabilities to evolve - particularly if they pursue the vision of agent-accessible authentication.

Best Approach: Continue using established browsers and password managers for critical authentication while monitoring Atlas's evolution. When (and if) OpenAI enhances passkey support, the foundation they're building today will become more useful.