Overview
The Rock Solid Knowledge FIDO2 component for .NET 6.0 and .NET 8 allows you to build web applications that authenticate users with passwordless or any FIDO2-compatible authenticator device. Configuring the component allows your .NET web application to act as a FIDO2 relying party: generating registration and authentication requests, validating responses, and storing public keys.
Authentication using FIDO2 requires a browser with the WebAuthn JS API, and a valid authenticator (e.g. a CTAP1/CTAP2 roaming authenticator, or OS platform authenticator).
Our component aims to be as simple as possible to use, with minimal FIDO knowledge necessary. We support .NET 6.0 and .NET 8.0. The component can be installed directly on the web application that requires it, or used as an API.
At a high level, our FIDO2 component has a single entry point, IFidoAuthentication, that consists of four methods:
InitiateRegistration and CompleteRegistration
InitiateAuthentication and CompleteAuthentication
When registering a new FIDO device, the InitiateRegistration method generates a WebAuthn challenge, and JavaScript is used to interact with the browser's WebAuthn API for attestation. The response is passed back to CompleteRegistration, and the FIDO device is registered for the user.
When authenticating using a FIDO device, the InitiateAuthentication method generates the WebAuthn challenge, and JavaScript is used to interact with the browser's WebAuthn API for authentication. The response is passed back to CompleteAuthentication, and the FIDO component validates the response and returns a UserId that can be used to sign a user in.
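The browser-side step of both ceremonies described above, as an added example that is not Rock Solid Knowledge's code: it decodes the server's options for navigator.credentials.create/get and serialises the authenticator's result for the Complete call. The endpoint URLs, the function names, and the JSON wire format (binary fields as base64url strings) are assumptions, not the component's documented contract.

```javascript
// Added example (not the component's code). Assumed wire format: binary WebAuthn
// fields travel as base64url strings in JSON; endpoint URLs are hypothetical.
function b64urlToBytes(s) {
  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  return Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
}

function bytesToB64url(buf) {
  const bin = Array.from(new Uint8Array(buf), (b) => String.fromCharCode(b)).join("");
  return btoa(bin).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// The browser API wants byte buffers where the JSON carries strings.
function decodeOptions(json) {
  const decodeIds = (list) => list.map((c) => ({ ...c, id: b64urlToBytes(c.id) }));
  const opts = { ...json, challenge: b64urlToBytes(json.challenge) };
  if (json.user) opts.user = { ...json.user, id: b64urlToBytes(json.user.id) }; // registration
  if (json.excludeCredentials) opts.excludeCredentials = decodeIds(json.excludeCredentials);
  if (json.allowCredentials) opts.allowCredentials = decodeIds(json.allowCredentials); // authentication
  return opts;
}

// Flatten a PublicKeyCredential (attestation or assertion) into JSON for the server.
function encodeCredential(cred) {
  const response = {};
  for (const key of ["clientDataJSON", "attestationObject", "authenticatorData", "signature", "userHandle"]) {
    if (cred.response[key]) response[key] = bytesToB64url(cred.response[key]);
  }
  return { id: cred.id, rawId: bytesToB64url(cred.rawId), type: cred.type, response };
}

async function postJson(url, body) {
  const res = await fetch(url, { method: "POST", credentials: "same-origin",
    headers: { "Content-Type": "application/json" }, body: JSON.stringify(body) });
  if (!res.ok) throw new Error(`${url} returned ${res.status}`);
  return res.json();
}

// kind is "create" (registration) or "get" (authentication).
async function runCeremony(kind, initiateUrl, completeUrl) {
  const options = decodeOptions(await postJson(initiateUrl, {}));
  const cred = await navigator.credentials[kind]({ publicKey: options });
  return postJson(completeUrl, encodeCredential(cred));
}
```

The challenge is never generated or checked in the browser: the script only transports it, so validation of challenge, origin and signature stays on the server side in the Complete step.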
To learn more about FIDO2 and the WebAuthn API, we recommend the following resources: