You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* Add swift content for WebAuthn Passkeys
* Add managing credentials blurb
* Add more details about setting up passkeys for Android
* Improve passwordless docs for Android
* Update managing credentials blurb
* Fix spelling check failures
* Add Swift code samples for password and for selecting preferred challenge
Copy file name to clipboardExpand all lines: src/pages/[platform]/build-a-backend/auth/concepts/passwordless/index.mdx
+13-3Lines changed: 13 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -42,7 +42,7 @@ Passwordless authentication removes the security risks and user friction associa
42
42
43
43
</Callout>
44
44
45
-
Learn how to implement passwordless sign-in flows by [overriding the Cognito UserPool to enable the sign-in methods below](/[platform]/build-a-backend/auth/modify-resources-with-cdk/#override-cognito-userpool-to-enable-passwordless-sign-in-methods).
45
+
Learn how to enable passwordless sign-in flows by [overriding the Cognito UserPool to enable the sign-in methods below](/[platform]/build-a-backend/auth/modify-resources-with-cdk/#override-cognito-userpool-to-enable-passwordless-sign-in-methods).
46
46
47
47
{/* need a section about what a "preferred" factor is */}
48
48
@@ -131,7 +131,17 @@ WebAuthn uses biometrics or security keys for authentication, leveraging device-
131
131
</InlineFilter>
132
132
<InlineFilterfilters={["android"]}>
133
133
134
-
{/**/}
134
+
You can read more about how passkeys work in the [Android developer docs](https://developer.android.com/design/ui/mobile/guides/patterns/passkeys).
135
+
136
+
<Calloutwarning>
137
+
Registering a passkey is supported on Android 9 (API level 28) and above.
138
+
</Callout>
139
+
140
+
Using passkeys with Amplify requires following these steps:
141
+
142
+
1. Deploy a Digital Asset Links file to your website granting the `get_login_creds` permission to your application. See the [Credential Manager documentation](https://developer.android.com/identity/sign-in/credential-manager#add-support-dal) for more details about this file.
143
+
1.[Configure your Amazon Cognito user pool](/[platform]/build-a-backend/auth/modify-resources-with-cdk/#override-cognito-userpool-to-enable-passwordless-sign-in-methods) with `WEB_AUTHN` as an allowed first factor, and specify your website domain as the `WebAuthnRelyingPartyID`.
144
+
1. Use the Amplify Android APIs to first [register a passkey](/[platform]/build-a-backend/auth/manage-users/manage-webauthn-credentials/#associate-webauthn-credentials) and then to [sign in with WebAuthn](/[platform]/build-a-backend/auth/connect-your-frontend/sign-in/#webauthn-passkeys).
135
145
136
146
</InlineFilter>
137
147
<InlineFilterfilters={["swift"]}>
@@ -144,6 +154,6 @@ WebAuthn uses biometrics or security keys for authentication, leveraging device-
144
154
145
155
### Managing credentials
146
156
147
-
{/* quick blurb then segue over to "manage WebAuthn credentials" page */}
157
+
Passwordless authentication with WebAuthn requires associating one or more credentials with the user's Amazon Cognito account. Amplify provides APIs that integrate with each platform's local authenticator to easily create, view, and delete these credential associations.
148
158
149
159
[Learn more about managing WebAuthn credentials](/[platform]/build-a-backend/auth/manage-users/manage-webauthn-credentials).
0 commit comments