0

I'm currently working on a project, which has a Web API, which is to be consumed by a native application. For the sake of brevity, assume that the application cannot be re-written to be a Web Application.

Right now, user registration and authentication works via a simple API request, returning a JWT upon submitting the correct user credentials. Now the wish has been voiced to support FIDO2 for YubiKey-based authentication, either to replace passwords or as second factor. However, from the documents I have read so far, the talk is always about web applications, browsers and JavaScript frameworks.

This raises the question, is it possible to implement FIDO2 authentication in a native application? Or is it strictly for browsers?

Improve this question

1 Answer 1

Reset to default
2

Microsoft has a documentation about implementing FIDO2 in Apps, that also covers Desktop Apps: https://docs.microsoft.com/en-US/azure/active-directory/develop/support-fido2-authentication

They suggest to use the Web Account Manager from Windows.

Google has a documentation to implement FIDO2 for Android Apps: https://developers.google.com/identity/fido/android/native-apps?hl=en

So it is possible to implement FIDO2 outside of web applications, but you will have to find resources for your use case. What language and framework are you using and what's your targeted platform?

Improve this answer
2
  • Backend API will be written in ASP.NET Core. As for the native client, C++. I'm only tangentially involved with the native client however.
    – Eren
    Commented Nov 22, 2021 at 10:19
  • I'm not sure about c++. github.com/herrjemand/awesome-webauthn#client-libs lists a C library (libfido2) and a Rust library (authenticator-rs). The later one is from Mozilla.
    – seism0saurus
    Commented Nov 22, 2021 at 10:47

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .