Webauthn Framework
v2.x
v2.x
  • Introduction
  • Installation
  • Webauthn In A Nutshell
    • Authenticators
    • Ceremonies
  • Pre-requisites
    • The Relying Party
    • Credential Souce Repository
    • User Entity And Repository
    • Javascript
  • The Webauthn Server
    • The Easy Way
      • Authenticator Registration
      • User Authentication
    • The Hard Way
    • The Symfony Way
      • Entities with Doctrine
      • Register Authenticators
      • Authenticate Your Users
      • Firewall
  • Deep into the framework
    • Attestation and Metadata Statement
    • Authenticator Selection Criteria
    • Authentication without username
    • Extensions
    • Token Binding
Powered by GitBook
On this page
  • Physical Authenticators
  • Software-Based Authenticators

Was this helpful?

Edit on GitHub
Export as PDF
  1. Webauthn In A Nutshell

Authenticators

PreviousInstallationNextCeremonies

Last updated 3 years ago

Was this helpful?

An Authenticator s a cryptographic entity used generate a public key credential and registered by a Relying Party (i.e. an application). This public key is used to authenticate by potentially verifying a user in the form of an authentication assertion and other data.

Authenticators may have additional features such as PIN code or biometric sensors (fingerprint, facial recognition…) that offer user verification.

Physical Authenticators

The authenticator may have different forms. The most common form is a USB device the user plugs into its computer. It can be a paired Bluetooth device or a card with NFC capabilities.

Software-Based Authenticators

The authenticator can also be software based and integrated in an Operating System ; for example the smartphone using Android or a laptop with Windows 10 can act as an authenticator.

USB device with fingerprint reader
Webauthn compatible devices
Android screenshot