How does a dapp get the II-passkey of a user visit and transfer all its` ownership to that specific dapp?

I didn’t find the API about CRUD on a user`s II-key.

On the IC, you don’t assign things to an ID. You make things accessible to a certain identity. Therefore, e.g. to transfer ICP to a user, you send the ICP to an account that is accessible to that identity. If that identity then tries to transfer the ICP out, then they are allowed to do that. The same works for other assets too, like canisters