RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://developers.google.com/identity/passkeys/developer-guides/server-introduction below:

Introduction to server-side passkey implementation | Web guides

Skip to main content Introduction to server-side passkey implementation

Stay organized with collections Save and categorize content based on your preferences.

Note: This article is part of a series on server-side passkey implementation. Explore the other articles in this series: Server-side passkey registration and Server-side passkey authentication. Overview

When using synchronized passkeys, people authenticate with a passkey provider.

Key Term: A passkey provider is a piece of software used to generate and provide cryptographically-secure credentials. Examples of passkey providers include Google Password Manager, Apple iCloud Keychain, Windows Hello, Dashlane and more.

To create and authenticate with passkeys, you will use the WebAuthn API for the web, or the Credential Manager API for Android apps. These APIs handle the communication between the client and the passkey provider.

While these APIs are called from a client such as a web page or Android app, you need to implement the rest of the functionality on the server to complete your authentication use cases.

A passkey implementation consists of two functionalities:

Passkey registration. Use the WebAuthn API or the Credential Manager API to let the user create a passkey. Store the associated public key on the server.
Authentication with a passkey. Get an authentication challenge from the server and use the WebAuthn API or Credential Manager API to let the user sign this challenge with their passkey. Verify the signature on the server. If the signature is valid, authenticate the user.

Server-side libraries

While it's possible to implement server-side passkeys functionality from scratch, we recommend that you rely on a library instead.

A server that supports passkey creation and authentication is called a FIDO2 server, or FIDO server for short. By extension, we'll refer here to server-side libraries that implement passkey support as FIDO server-side libraries.

Note: FIDO2 is an umbrella term for the effort that produced the WebAuthn API and the CTAP2 protocol that passkeys rely on. Why use a library?

Using a FIDO server-side library has several advantages:

Time and developer experience. The WebAuthn specification is complex. FIDO server-side libraries can provide simple APIs for implementing passkeys, which can save you time and development resources.
Maintainability. The WebAuthn specification is still subject to change. Using the latest version of an actively maintained library helps keep your implementation up-to-date.
Security and compliance. You want your passkey implementation to conform to the WebAuthn specification and its security requirements. FIDO server-side libraries can help you keep your implementation secure and compliant with the specification. Depending on your product and industry, your implementation may also be subject to regulations that require you to use specific security standards for authentication.

If possible, consider financially supporting open source projects your product relies on.

Libraries Note: To select your passkey library, refer to the selection criteria.

The awesome-webauthn GitHub repository includes a community-curated list of server-side libraries. You'll find libraries for JavaScript and TypeScript, Go, Python, and more.
A collection of libraries is available on passkeys.dev. It's maintained by the W3C WebAuthn Adoption Community Group.
FIDO Alliance references a collection of FIDO2 servers.

Next up

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-05-19 UTC.

[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-19 UTC."],[[["Passkeys utilize passkey providers, like Google Password Manager or Apple iCloud Keychain, for secure credential generation and authentication."],["Server-side implementation involves passkey registration (storing public keys) and authentication (verifying signatures)."],["Using FIDO server-side libraries is recommended for simplified implementation, maintainability, and enhanced security."],["Several curated lists of FIDO server-side libraries are available for various programming languages, including JavaScript, Go, and Python."]]],[]]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4