Welcome to the https://github.com/GluuFederation/agama-passkey project. This project is governed by Gluu and published under an Apache 2.0 license.
Use this project to add user authentication with Passkey(passwordless authentication that uses a device to verify a user's identity before allowing them to access an account) 2-factor authentication.
For more information you can also see
- Register a client to integrate with SCIM (Used to list passkeys and edit), minimum scopes:
IDP | Description |
---|---|
Jans Auth Server | Deployment instructions |
Gluu Flex | Deployment instructions |
Qualified Name | Description |
---|---|
org.gluu.agama.passkey.main |
This is the main flow which you can directly launch from the browser. If you have not configured a passkey, you must first log in with your credentials and register your passkey(s) org.gluu.agama.passkey.list . If you have at least 1 passkey configured, then you can click the "Login with passkey" button. |
org.gluu.agama.passkey.list |
This flow is used to list the passkeys that the logged-in user has registered. If you do not have a passkey, an option to add a new passkey org.gluu.agama.passkey.add is enabled. If you already have at least one passkey, you can click Login with passkey . |
org.gluu.agama.passkey.add |
This flow is used to register a new passkey. The user has to validate his FIDO device, which can be a (Yubico key, Device fingerprint, Windows Hello, Apple Face ID, etc.). |
org.gluu.agama.passkey.nickname |
This flow is used to add a nickname to the newly registered passkey. Once completed this stream returns to the org.gluu.agama.passkey.list |
Flow | Property | Value Description |
---|---|---|
org.gluu.agama.passkey.main |
scimClientId | SCIM Client id |
org.gluu.agama.passkey.main |
scimClientSecret | SCIM Client secret |
Sample JSON:
{
"org.gluu.agama.passkey.main": {
"scimClientId": "PUT_YOUR_SCIM_CLIENT_ID_HERE",
"scimClientSecret": "PUT_YOUR_SCIM_CLIENT_SECRET"
}
}
Login with credentials and configure your first passkey device and as a last step complete the login with your new configured key.
Log in without credentials, use the Login with passkey
button.
Milton Ch. |
This project is licensed under the Apache 2.0