Spring Security WebAuthn provides Web Authentication specification support for your Spring application. Users can login with WebAuthn compliant authenticator.

This library is intended to be merged into Spring-Security as a pull-request. Package name will be changed when it is remade into the pull-request. This library itself is feature-complete, but is not for production use for now as it depends on customized Spring-Security build.

You can find out more details from the reference.

Spring Security WebAuthn uses a Gradle based build system. In the instructions below, gradlew is invoked from the root of the source tree and serves as a cross-platform, self-contained bootstrap mechanism for the build.

• Java8 or later
• Spring Framework 5.0 or later
• Spring Security 5.0 (Customized build)

To support multi factor authentication flow, spring-security-webauthn requires modification to spring-security. The modification will be sent to spring-security project as a pull-request by the spring-security-webauthn becomes stable, but for now, not available with normal spring-security.

git clone https://github.com/sharplab/spring-security-webauthn

./gradlew build

./gradlew spring-security-webauthn-samples/javaconfig/webauthn/spa:bootRun

Spring Security WebAuthn is Open Source software released under the Apache 2.0 license.