Authentication is scary, difficult, dangerous, and… essential. Most apps need some form of it, often as a prerequisite for almost all end-user requests.
Join me for a fresh and practical perspective on authentication architecture for the modern, open web, using modern standards like WebAuthn.
We'll set up a passwordless authentication layer that's fast, distributed, secure, isolated from the rest of your system, and minimally annoying to integrate and maintain.
3. adjective • informal • /zen/
Relaxed and unconcerned
about things beyond
one's control.
zen
noun • hot topic • /edʒ kəmˈpjuːt/
Bringing computation
and data as close as
possible to where it is
needed.*
* while retaining control of the
environment
edge
noun • /ɑːˌθen.t̬əˈkeɪ.ʃən/
The process of
verifying the identity
of a person or device.
authentication
secure login flows ✨
large-scale, coordination free.
.distributed systems ✨
4. Robert M Pirsig
Zen y el arte de la mantención de la motocicleta
"the most widely read philosophy book of all time"
33. user client server (RP) authenticator
get authentication
options
🙏 sign in
with passkey
34. user client server (RP) authenticator
get authentication
options
🙏 sign in
with passkey
options +
random challenge
{ o7Hr4N60m… }
35. user client server (RP) authenticator
navigator.credentials.get( )
{ o7Hr4N60m… }
36. user client server (RP) authenticator
verify user
navigator.credentials.get( )
{ o7Hr4N60m… }
37. user client server (RP) authenticator
verify user
sign challenge +
get credentials
sig:o7Hr… credentialId
navigator.credentials.get( )
{ o7Hr4N60m… }