Passwordless Authentication
Passkeys
Server Setup

Passkey Server

We'll guide you through setting up two endpoints to handle passkey registration and validation requests. The frontend library creates these requests from a logged-in user. We'll be using the keyri-auth-core library for authentication.

Passkey Registration

First, set up an endpoint to handle the passkey registration request.

// Import the keyri-auth-core library and required keys
import * as KeyriAuthCore from "keyri-auth-core";
import { publicSignatureKey, privateSignatureKey } from "./keys.mjs";
const { passkeyRegister } = KeyriAuthCore.default.ApplessServer;
const HOST = "example.com";
 
// Verify the user's ID (replace IDP.getUserData with your identity provider's
method) const user = await IDP.getUserData(request.body);
 
// Create the passkey registration handler export async function
passkey_registration(req, res, nxt) { try { const response = await
passkeyRegister( publicSignatureKey, privateSignatureKey, req.body, HOST,
user.userId, user.userName, user.metaData );
 
    res.status(200).send(response);
 
} catch (error) { console.error(error); res.status(400).send({ message: "Passkey
registration failed" }); } }

Passkey Validation

Next, set up an endpoint to handle the passkey validation request.

// Import the keyri-auth-core library and required keys
import * as KeyriAuthCore from "keyri-auth-core";
import { publicSignatureKey, apiPublicKey } from "./keys.mjs";
const { passkeyLogin } = KeyriAuthCore.default.ApplessServer;
 
// Create the passkey validation handler export async function
passkey_validation(req, res, nxt) { try { const response = await
passkeyLogin(apiPublicKey, req.body, publicSignatureKey); res.status(200).send({
message: "You are authorized to log in" }); } catch (error) {
console.error(error); res.status(400).send({ message: "Passkey validation
failed" }); } }

Managing Keys

In this example, we're importing keys from an mjs file. For better security in a production environment, store these keys as environment variables.

To obtain your application's keys, visit app.keyri.com > Setup & Credentials > Generate Fraud API Encryption Keys.

Mobile Browser SetupAmazon Cognito