FIDO2 WebAuthn support

See this information on bitwarden site.

https://bitwarden.com/help/article/setup-two-step-login-fido/

Has anybody attempted to use this protocol for production use? While it is possible to make a custom app that does the job by monkey patching the frappe core, would like to know how it has been achieved by the rest of the community.

Use keycloak https://www.keycloak.org/docs/latest/server_admin/#authenticate-with-webauthn-authenticator

I use my own oidc auth server that does this. I use it to achieve password-less login and ability to “choose account”. I didn’t find any auth servers that allow these two features.

Once any oidc server is set up, use it as social login key with js that does automatic social login when it lands on login page of Frappe/ERPNext site.

2 Likes

That’s great
We have been looking for a similar solution ourselves

Do you have any blog post or guide on the setup?