Passkeys Support #1046

Open
@victorbojica

Description

🚀 Feature

Implementation details

Implementation docs:
https://docs.google.com/document/d/1G7tO9_dSNi8wur3ajGg4pq-wiHatKDbHv2sBt-uSbQg/edit

TODO

  • Should passkeys always be dependent on email and password users or have their own users?
  • Should it be a paid feature?
  • Try using same table for challenges
  • add indexes on timeout column(s) for querying with cron for removal
  • remove schema unused columns (also drop webauth_user_id)
  • check counter implementation should work (Safari returning 0 every time)
  • timestamps use bigint
  • credentials pk should also use app id
  • add tenant id only to challenges table
  • Confirm Passkeys Support #1046 (comment)
    • From a security point of view, since we allow all fallback methods, passkeys add no additional security. Is this ok?
    • Should we allow adding passkeys to third party login? Seems strange.
    • Unlike some other providers, we will not allow users to sign up with just a passkey (no password). Is this ok?
