A Developer's Guide to WebAuthN

Рет қаралды 12,099

Күн бұрын

Пікірлер: 14

@agilanrajarathinam6309 Жыл бұрын

Thanks for the explanation and I have doubts while use webauthn. 1. In smartphone(android) device where the private key are stored can I able to view. 2. Why Bluetooth connection is needed while scanning the QR code to login (authenticate)

@WillJohnsonio Жыл бұрын

Hey Agilan, great questions! 1. The private key is stored on the devices TPM or Trusted Platform Module and the private key can't be viewed for security concerns. 2. Bluetooth is necessary to ensure the devices are in close proximity to each other

@fallinginthed33p Жыл бұрын

@@WillJohnsonioIt's a cool development that takes the process flow behind hardware security keys like Yubikeys and adapts it to phones. Instead of connecting the phone to a computer using USB like with a typical hardware key, Bluetooth is used because it's more convenient. The key (pun intended) is to have the login computer and authenticating device in physical proximity so someone else in another country can't use your username and password to log in.

@Viviko Ай бұрын

So, what do I actually save on the server and what do I send to the server to verify authentication? I get the flow. Just struggling to condeotuslize the flow from device to server and vise versa.

@conradtwonine9414 Жыл бұрын

interesting, any actual code implementation that you can demonstrate?

@OktaDev Жыл бұрын

Thanks for watching our WebAuthn video. You can follow our WebAuthn Developer Labs with any of our client application code samples. WebAuthn with FIDO Security Keys Lab: developer.auth0.com/resources/labs/authentication/webauthn-with-fido-security-keys#introduction WebAuthn with Biometrics Lab: developer.auth0.com/resources/labs/authentication/webauthn-with-biometrics#introduction Client Code Samples: developer.auth0.com/resources/code-samples/spa Please let us know if you have any questions or feedback. Thanks!

@Pinefenario 8 ай бұрын

Good explanation. It’s about time websites start implementing webauthn imho.

@sakshi-ok8zu Жыл бұрын

This was super helpful. Thanks!

@WillJohnsonio Жыл бұрын

You're welcome

@bryantmichael6863 Жыл бұрын

Can a webapp get webauthn

@p19shelt 11 ай бұрын

simplewebauthen

@dasfahrer8187 10 ай бұрын

Solve the key storage limitation (and inability to store keys at all) and it will be useful. Until then, it's just not going to be viable, long-term solution.

@ox3965 Жыл бұрын

Not sure if you get this message, very good video. I have been trying trying to build a web auth that uses yubikeys, for a weeks for university project. Could you help in anyway please, as I am really stuck. 😢