New: Passkey Benchmark 2026 - 8 production KPIs to compare your passkey rolloutcompare your passkey rollout
Read full blogpost

Which browsers support passkey creation in 3rd-party iframe?

Learn which browsers support creating passkeys within third-party iframes, including current limitations and future expectations for WebAuthn Level 3.

Vincent Delitz
Vincent Delitz

Created: April 7, 2025

Updated: May 12, 2026

browsers support passkey third party iframe

Which browsers currently support the creation of passkeys in a third-party iframe context?#

As of now, browser support for creating passkeys within third-party (cross-origin) iframes is evolving rapidly, particularly influenced by the WebAuthn Level 3 specification. Here's the current state of support:

Browsers Supporting Passkey Creation in Third-Party Iframes#

Browsers with Limited or No Support#

Safari: Currently does not support creating passkeys within third-party iframes. Safari allows only authentication (login) via passkeys in cross-origin iframes, but not registration or creation. This limitation is part of Safari's broader restrictions related to cross-origin security. In a payment context, one of the reason for this limitation is that Apple wants to protect its Apple Pay experience and make it stand out against other providers.

WhitepaperEnterprise Icon

Enterprise Passkey Whitepaper (+70 pages). How leaders get +80% adoption. Trusted by Rakuten, Klarna & Oracle.

Get Whitepaper

Recommendation#
  • Always verify browser compatibility before implementing a cross-origin iframe passkey flow in production environments.
  • Provide alternative authentication flows (e.g., redirect-based or pop-up-based) to handle browsers with limited support, ensuring consistent user experiences.

For the most accurate and up-to-date compatibility, always check official browser documentation and release notes.

Read the full article#
Corbado

About Corbado

Corbado is the Passkey Intelligence Platform for CIAM teams running consumer authentication at scale. We help you see what IDP logs and generic analytics tools can't: which devices, OS versions, browsers and credential managers support passkeys, why enrollments don't turn into logins, where the WebAuthn flow fails and when an OS / browser update silently breaks login, all without replacing Okta, Auth0, Ping, Cognito or your in-house IDP. Two products: Corbado Observe layers observability for passkeys and any other login method. Corbado Connect adds managed passkeys with analytics built in (alongside your IDP). VicRoads runs passkeys for 5M+ users with Corbado (+80% passkey activation). Talk to a Passkey Expert

Passkeys & iframes: How to Create & Login with a Passkey?

Read the full article

Discover how to create & login with passkeys in cross-origin iframes with our guide. Learn about iframes in WebAuthn, security policies & implementation.

Read the full article

Read by 5,000+ security leaders.

See what's really happening in your passkey rollout.

Explore the Console

Share this article

LinkedInTwitterFacebook

Table of Contents

Related FAQs

Related Terms

Related Articles

Passkeys & iframes: How to Create & Login with a Passkey?

Passkeys & iframes: How to Create & Login with a Passkey?

Vincent Delitz - June 3, 2024

Payment Provider Passkeys: How to Build a 3rd Party SDK

Payment Provider Passkeys: How to Build a 3rd Party SDK

Vincent Delitz - March 24, 2025

How to get high Passkey Adoption in Creation Flows

How to get high Passkey Adoption in Creation Flows

Vincent Delitz - March 10, 2025