Developer Portal Security Settings
Configure authentication methods, session management, and transaction permissions
Configure security settings to control user authentication methods, session duration, and transaction permissions. These settings balance security with user experience for your Para integration.
Authentication Methods
Configure which authentication methods your users can use to access their wallets.
This configuration does not affect Mobile SDK frameworks. Mobile SDKs use native mobile passkeys with an option to use passwords via Webviews.
Passkeys
Enable passkey authentication for enhanced security and user experience:
- Biometric Authentication: Fingerprint, Face ID, or Windows Hello
- Hardware Security Keys: FIDO2-compatible security keys
- Platform Authenticators: Built-in device authenticators
Passwords
Configure traditional password authentication:
- Password Requirements: Set complexity requirements
- Recovery Options: Enable password reset functionality
- Multi-Factor Authentication: Optional additional security layer
You can enable both passkeys and passwords to give users choice:
- Passkeys Preferred: Passkeys will be suggested first during registration
- Fallback Support: Users can choose passwords if passkeys aren’t available
If you’re creating a PWA we recommend using passwords so that the user stays within the installed app. Passkeys will open a new browser tab.
Session Management
Control how long users stay authenticated before requiring re-authentication.
Security Considerations
Shorter Sessions (2 Hours - 1 Day):
- Enhanced security for sensitive applications
- Reduced risk if device is compromised
- Better for shared or public devices
Longer Sessions (1 Week - 1 Month):
- Improved user experience with fewer logins
- Better for personal devices and trusted environments
- Consider implementing automatic session refresh
Custom Session Length
For custom durations:
- Select “Custom” option
- Enter duration in minutes
- Consider your application’s specific security needs
- Balance security with user experience
Session Management Guides
Transaction Permissions
Configure how users confirm transactions and manage permissions.
Transaction Pop-ups
Control whether users see confirmation dialogs for transactions:
- Enabled: Users manually confirm each transaction via popup
- Disabled: Transactions proceed without additional confirmation
By default, transaction pop-ups are disabled allow for faster transaction signing. We recommend adding careful transaction validation in your application logic to ensure users are aware of the transactions they are signing.