WebauthnStamper

Introduction

The @turnkey/webauthn-stamper package is used for stamping requests made to Turnkey's API with WebAuthn credentials, but specifically for use with passkeys.

For more information on passkeys and WebAuthn refer to this section.

Installing

To get started install the @turnkey/webauthn-stamper client.

npm

npm i @turnkey/webauthn-stamper

pnpm

pnpm i @turnkey/webauthn-stamper

yarn

 yarn add @turnkey/webauthn-stamper

Initializing

The WebauthnStamper class is a utility designed to facilitate the process of creating a digital stamp using WebAuthn credentials. This stamp is essential for authenticating requests made to a web server or API that utilizes WebAuthn for secure, passwordless authentication. You can initialize a new WebauthnStamper using the WebauthnStamper constructor:

constructor(config: TWebauthnStamperConfig): WebauthnStamper

Parameters

configTWebauthnStamperConfigrequired

An object containing configuration settings for the stamper.

.rpIdstringrequired

The RPID ("Relying Party ID") for your origin. For an origin named https://www.example.com, the RPID is typically example.com. If you're testing on localhost, the RPID should be localhost.

.timeoutnumber

The time in milliseconds before the stamp request times out. Defaults to 300000 milliseconds (5 minutes) if not specified.

.userVerificationUserVerificationRequirement

Specifies the user verification requirements. Can be set to values like required, preferred, or discouraged. Defaults to preferred if not provided.

.allowCredentialsPublicKeyCredentialDescriptor[]

An array of credential descriptors specifying the credentials to be allowed during authentication. This is optional and defaults to an empty array.

Types

TWebauthnStamperConfig

type TWebauthnStamperConfig = {
  rpId: string;
  timeout?: number;
  userVerification?: UserVerificationRequirement;
  allowCredentials?: PublicKeyCredentialDescriptor[];
};

UserVerificationRequirement

type UserVerificationRequirement = "discouraged" | "preferred" | "required";

Refer to our guide on using passkeys for more information on this type and its usage.

PublicKeyCredentialDescriptor

interface PublicKeyCredentialDescriptor {
  id: BufferSource;
  transports?: AuthenticatorTransport[];
  type: PublicKeyCredentialType;
}

Refer to our guide on using passkeys for more information on this type and its usage.

Example

import { WebauthnStamper } from "@turnkey/webauthn-stamper";
import { TurnkeyClient } from "@turnkey/http";

const stamper = new WebAuthnStamper({
  rpId: "example.com",
});

// New HTTP client able to sign with passkeys!
const httpClient = new TurnkeyClient(
  { baseUrl: "https://api.turnkey.com" },
  stamper,
);

Methods

stamp: (input: string) => Promise<TStamp>

Creates a digital stamp, which includes the public key, signature scheme, and a signature based on WebAuthn credentials.

Parameters

inputstringrequired

The Turnkey activity request, or query to be sent to Turnkey's API.

Types

TStamp

type TStamp = {
  stampHeaderName: string;
  stampHeaderValue: string;
};