Skip to main content
The WebAuthn API provides endpoints for implementing passwordless authentication using FIDO2 credentials like security keys, platform authenticators (Face ID, Touch ID), and biometric devices.

Key Features

  • Passwordless authentication using FIDO2/WebAuthn standards
  • Support for multiple credentials per user
  • Resident key support for usernameless authentication
  • Challenge-response authentication flow
  • Credential lifecycle management

Authentication Flow

Registration Flow

  1. Generate registration options with /recipe/webauthn/options/register
  2. Client performs WebAuthn registration ceremony
  3. Complete registration with /recipe/webauthn/signup or /recipe/webauthn/user/credential/register

Sign-In Flow

  1. Generate sign-in options with /recipe/webauthn/options/signin
  2. Client performs WebAuthn authentication ceremony
  3. Verify credentials with /recipe/webauthn/signin

Base Path

All WebAuthn endpoints are prefixed with /recipe/webauthn

Registration

Generate options and register new WebAuthn credentials

Authentication

Generate options and authenticate with WebAuthn credentials

Credentials

Manage user credentials (list, get, remove)

Build docs developers (and LLMs) love

Get started for freeTalk to us