[keycloak-dev] Any plans to support Web Authentication API?

Vlastimil Elias velias at redhat.com
Tue May 29 03:16:12 EDT 2018


it looks like that Web Authentication API [1] is going to be a new 
standard widely adopted by browsers to improve web authentication security.

It helps to prevent phishing attacks (as it automatically validates 
domain of the login page) and allows to use device's auth hardware (eg 
biometrics HW) to login into websites.

Any plans to support it in Keycloak?

More info in Google IO 2018 session and related blogpost [2]



[1] https://www.w3.org/TR/webauthn/

[2] https://developers.google.com/web/updates/2018/05/webauthn

Vlastimil Elias
Principal Software Engineer, Middleware Engineering Services
Red Hat

More information about the keycloak-dev mailing list