loading...
Auth0

A Look at WebAuthn Resident Credentials

bachiauth0 profile image Bachi Originally published at auth0.com ・1 min read

TTL;DR: With the release of version 76, Google's Chrome browser now supports WebAuthn resident keys. These allow for a smoother, username-less login experience by saving some of the user data on the authenticator. Let's have a look at how this works.

WebAuthn Until Now
In a typical WebAuthn scenario, a credential ID is generated by the authenticator and saved on the server. This ID is used to identify the saved credential on the authenticator. We will save this credential ID linked to a username or other user identifiable property in our database.

When a user wants to authenticate using a previously created credential, they will enter their username in a login form. The server will look up the saved credential ID for this username and pass it along to the authenticator. The authenticator will then use this ID to select the correct credential to sign the authentication challenge.

This is a good solution, it eliminates the need for a password, and authenticates using the keys generated by the authenticator. The user still needs to enter a username every time they want to login. We can do better!
Continue reading 📖

Posted on by:

Auth0

Auth0 offers an identity and access management solution that works out of the box from day one, with the ability to customize, extend, and build new features when you need them. Identity might be complex, but dealing with it shouldn’t be.

Discussion

pic
Editor guide