> ## Documentation Index
> Fetch the complete documentation index at: https://docs.0xkey.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Create a user passkey session

> A passkey session is an expiring session enabled by an initial passkey authentication. You could think of this as a "lightning mode" of sorts: creating a passkey session allows users to authenticate subsequent requests touch-free. Under the hood, this is powered by our [indexedDbStamper](/api-reference/overview). These sessions are enabled by creating a short-lived embedded API key in the browser, stored in localStorage, and cryptographically scoped to a public key generated by IndexedDB.

By calling `loginWithPasskey()`, the SDK stores the session and active client in localStorage. The signing key material remains securely stored in the browser’s IndexedDB and is never extractable. 0xkey uses this public key to scope and encrypt the session to the appropriate user.

For custom UI without React, see [`@0xkey-io/core`](/sdks/typescript-frontend/getting-started) — session and stamper setup is handled by `ZeroXKeyClient` after `init()`.

## Steps using `@0xkey-io/react-wallet-kit`

<Steps>
  <Step title="Initialize the React Provider">
    ```js theme={"theme":{"light":"github-light","dark":"github-dark"}}
    import { ZeroXKeyProvider } from "@0xkey-io/react-wallet-kit";

    const 0xkeyConfig = {
      apiBaseUrl: "https://api.0xkey.io",
      defaultOrganizationId: process.env.OXKEY_ORGANIZATION_ID,
      rpId: process.env.RPID,
    };

    ...

    <div className="App">
      <ZeroXKeyProvider config={zeroXKeyConfig}>
        {/* Your app components */}
      </ZeroXKeyProvider>
    </div>
    ```
  </Step>

  <Step title="Login with a Passkey and Create a Session">
    ```js theme={"theme":{"light":"github-light","dark":"github-dark"}}
    import { useZeroXKey } from "@0xkey-io/react-wallet-kit";

    const { passkeyClient, indexedDbClient } = useZeroXKey();

    await indexedDbClient.init();
    const publicKey = await indexedDbClient.getPublicKey();

    await passkeyClient.loginWithPasskey({
      publicKey,
      sessionType: "SESSION_TYPE_READ_WRITE", // or "SESSION_TYPE_READ_ONLY"
      expirationSeconds: 900,
    });
    ```
  </Step>

  <Step title="Use the session to make requests">
    ```js theme={"theme":{"light":"github-light","dark":"github-dark"}}
    const { getActiveClient } = useZeroXKey();
    const client = await getActiveClient();

    const whoami = await client.getWhoami({
      organizationId: <your-org-id>,
    });
    ```

    `getActiveClient()` returns the currently active client (e.g. IndexedDb-backed), refreshing automatically if needed.
  </Step>
</Steps>
