How it works
Returning users on a new device
When an existing user signs in from a device they haven’t used before, the following happens:- Dynamic detects that the device is unrecognized
- The user receives an email with a verification link
- The user clicks the link to confirm they initiated the sign-in
- The device is registered as trusted and the user is granted full access
New users
For new users signing up for the first time, device registration happens automatically in the background. There is no additional verification step — the device they sign up from is trusted immediately, keeping the onboarding experience frictionless.Verification methods
Dynamic uses different approaches to identify trusted devices:- Cookie-based verification — when cookie-based authentication is enabled, Dynamic uses a secure cookie to identify trusted devices
- Public key-based verification — when cookies are not enabled, the device proves its identity cryptographically using a public key
Enabling device registration
You can enable device registration from the Dynamic Dashboard under your environment’s security settings. Device registration requires SDK v5 or later.SDK guides
For implementation details, see the guide for your SDK:- React SDK — Automatic UI or headless integration
- React Native SDK — Automatic UI or headless integration for mobile
- JavaScript SDK — Headless integration with full control over the UI and flow
Next steps
- Security overview — Learn about Dynamic’s broader security posture
- Recommended security practices — Review the full checklist of security measures for your app
- MFA — Add multi-factor authentication as an additional layer of protection