Web Authentication

From IndieWeb
Jump to: navigation, search


Web Authentication (WebAuthn) is a W3C Proposed Recommendation for an API to access public key credentials, including for a browser, optionally with the use of a hardware key.

w3c-spec-PR.svg

IndieAuth and WebAuthn

WebAuthn can be used as the authentication during an IndieAuth flow. Similarly to how WebAuthn doesn't replace the need for OAuth, WebAuthn doesn't replace the need for IndieAuth. WebAuthn takes the place of a password when authenticating to your account. In the context of IndieAuth, WebAuthn can be used as the way you log in to your own site, which then you can use with IndieAuth to log in to other sites.

You can implement them in either order, and implementing both is beneficial.

IndieWeb Examples

Examples of IndieWeb sites using WebAuthn to authenticate.

Criticism


See Also