Passkey Provider
Package: @nauth-toolkit/mfa-passkey
Type: MFA Provider
- npm
- Yarn
- pnpm
- Bun
npm install @nauth-toolkit/mfa-passkey
yarn add @nauth-toolkit/mfa-passkey
pnpm add @nauth-toolkit/mfa-passkey
bun add @nauth-toolkit/mfa-passkey
Exports
| Export | Type | Entry |
|---|---|---|
PasskeyMFAProviderService | Service | Default |
PasskeyService | Service | Default |
PasskeyMFAModule | NestJS Module | /nestjs |
Configuration
| Option | Type | Description |
|---|---|---|
rpName | string | Relying party display name |
rpId | string | Relying party ID (domain) |
origin | string[] | Allowed origins |
timeout | number | Timeout in milliseconds |
userVerification | string | 'preferred' | 'required' | 'discouraged' |
authenticatorAttachment | string | 'platform' | 'cross-platform' — restrict to built-in (FaceID/TouchID) or roaming (security key) authenticators |
Usage
- NestJS
- Express
- Fastify
import { PasskeyMFAModule } from '@nauth-toolkit/mfa-passkey/nestjs';
@Module({
imports: [
AuthModule.forRoot({
mfa: {
enabled: true,
allowedMethods: [MFAMethod.PASSKEY],
passkey: {
rpName: 'My App',
rpId: 'myapp.com',
origin: ['https://myapp.com'],
timeout: 60000,
userVerification: 'preferred',
},
},
}),
PasskeyMFAModule,
],
})
export class AppModule {}
const nauth = await NAuth.create({
config: {
mfa: {
enabled: true,
allowedMethods: [MFAMethod.PASSKEY],
passkey: {
rpName: 'My App',
rpId: 'myapp.com',
origin: ['https://myapp.com'],
timeout: 60000,
userVerification: 'preferred',
},
},
},
dataSource,
adapter: new ExpressAdapter(),
});
const nauth = await NAuth.create({
config: {
mfa: {
enabled: true,
allowedMethods: [MFAMethod.PASSKEY],
passkey: {
rpName: 'My App',
rpId: 'myapp.com',
origin: ['https://myapp.com'],
timeout: 60000,
userVerification: 'preferred',
},
},
},
dataSource,
adapter: new FastifyAdapter(),
});
Setup Flow
- Call
mfaService.setupDevice(userId, 'passkey') - Returns WebAuthn registration options
- Browser creates credential
- Submit attestation to complete setup