I currently run all my sites off SpringBoot (Java). How would I go about implementing support for Passkeys within SpringBoot? I'm looking for a library or any method of doing this.
CodePudding user response:
Solution 1: Simple Passkeys Implementation
Go with an out-of-the-box solution for front and backend integration. Personally, I use passkeys.com
Solution 2: A Low-Level Webauthn Implementation
On the server side, you will need to implement the webauthn standard and upgrade your frontend to use Passkeys. You can read more in Apple's docs.
CodePudding user response:
Before I dive into some recommendations, I'll first highlight that passkeys are WebAuthn credentials. Don't limit your search to only passkey implementations, if an app supports WebAuthn then it supports passkeys.
For your backend application I would recommend Yubico's java-webauthn-server. It is an open source java library to help with all aspects of developing a WebAuthn relying party. It's especially helpful when you need to convert between base64 to the bytearrays needed for WebAuthn ceremonies
If you need guidance on front end applications, there is the Yubico WebAuthn Starter Kit. It's a full reference architecture with code examples, UI/UX best practices, and integrations to AWS. I'll also point out that this also includes a backend relying party that utilizes the java-webauthn-server above.
If you're looking to learn more about WebAuthn as a concept, Yubico has plenty of documentation here: