Client application
This section will cover an example client application for a high assurance scenario. The client is based on a fictional bank that allows users to leverage any passkey type, but requires a high assurance passkey for sensitive transactions. This section will cover different user flows, and other UX best practices for guiding users on the appropriate passkeys to leverage.
Prerequisite knowledge
Before you continue into this section, please ensure that you review the previous section on web client implementations. The previous sections provide generic implementation guidance on how to register, authenticate, and manage passkeys using a common web application. From this point on, this section assumes that you know how to call the relying party API, and how to use the navigator.credentials.create() and navigator.credentials.get() methods.
📄️ User registration
This section will cover the self-registration of a new user account. The user will create a new account by entering their username, and registering their first passkey.
📄️ User authentication
This section will cover the authentication flow for a user to access their account.
📄️ Credential management
This section will cover how to incorporate credential management into your application. Credential management includes the actions a user will take to manage the passkeys in their account. These actions can include:
📄️ Step up authentication
This section covers how to incorporate step up authentication from the client application. Step up authentication is used to promote the level of a user's access when trying to perform a sensitive or high-risk action.
📄️ Advanced protection
This section will cover the topic of advanced protection. Advanced protection allows a user to declare that they want their account to be secured by the highest degree of assurance regardless of other convenience mechanisms. In this section we will outline how this is enabled from our client application, and the effect it will have on the user experience.