WebAuthn MFA Challenge
Instead of manually implementing the protocol, we advise using a WebAuthn library for the browser. This section uses @simplewebauthn/browser.
Registration:
During registration, the client generates a new public-private key pair, and the public key is registered with PlusAuth. The private key never leaves the end user's device.
PlusAuth provides registration options in window.PlusAuth.details.registration_options.
Authentication:
To authenticate, end users simply need to prove possession of their private key, which can be done through biometrics, PINs, or other user-friendly methods.
PlusAuth provides authentication options in window.PlusAuth.details.authentication_options.
Registration
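const { startRegistration } = SimpleWebAuthnBrowser;
// Prompts the user to create a credential using the options PlusAuth supplied.
const response = await startRegistration(window.PlusAuth.details.registration_options);
// Implement the POST that sends `response` back to complete registration.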
Authentication
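const { startAuthentication } = SimpleWebAuthnBrowser;
// Prompts the user to sign the challenge with their registered authenticator.
const response = await startAuthentication(window.PlusAuth.details.authentication_options);
// Implement the POST that sends `response` back to complete authentication.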
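The two snippets above can be combined into one handler that also covers the failure cases a user will actually hit (unsupported browser, cancelled prompt, authenticator already enrolled). This is an added example, not PlusAuth's own code: `runWebAuthnChallenge` and the `submit` callback are hypothetical names, and choosing the ceremony by which options object is present is an assumption.

```javascript
// Added example. `lib` is the @simplewebauthn/browser API object and `submit`
// is a hypothetical callback that POSTs the result back to PlusAuth (the page
// leaves that request to the integrator).
async function runWebAuthnChallenge(details, lib, submit) {
  if (!lib.browserSupportsWebAuthn()) {
    return { ok: false, reason: 'unsupported' };
  }
  // Assumption: if registration_options is present the user is enrolling,
  // otherwise they are answering an authentication challenge.
  const isRegistration = Boolean(details.registration_options);
  const options = isRegistration
    ? details.registration_options
    : details.authentication_options;
  if (!options) {
    return { ok: false, reason: 'missing_options' };
  }
  let response;
  try {
    response = isRegistration
      ? await lib.startRegistration(options)
      : await lib.startAuthentication(options);
  } catch (err) {
    // NotAllowedError: the user dismissed the prompt or it timed out.
    if (err.name === 'NotAllowedError') {
      return { ok: false, reason: 'cancelled_or_timed_out' };
    }
    // InvalidStateError: this authenticator is already registered.
    if (err.name === 'InvalidStateError') {
      return { ok: false, reason: 'already_registered' };
    }
    return { ok: false, reason: 'error', message: err.message };
  }
  // The browser only relays the signed response; the server must verify it
  // before the challenge counts as passed.
  await submit(response);
  return { ok: true, ceremony: isRegistration ? 'registration' : 'authentication' };
}

// Browser usage with the UMD global used on this page:
// runWebAuthnChallenge(window.PlusAuth.details, SimpleWebAuthnBrowser, postToPlusAuth);
```

Nothing is submitted when the ceremony fails, so a cancelled prompt can be retried against the same options without a round trip.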