Skip to content
Open-source FIDO server, featuring the FIDO2 standard. https://encryptedweb.org
Java CSS HTML JavaScript Shell PHP TSQL
Branch: master
Clone or download
Latest commit b80a904 Jan 16, 2020
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github/ISSUE_TEMPLATE copy edit Apr 5, 2019
docs
sampleapps/java minor edits Dec 17, 2019
server Clustering (#17) Sep 18, 2019
.gitignore Fidopolicies (#13) Jul 16, 2019
CODE_OF_CONDUCT.md Update CODE_OF_CONDUCT.md Apr 5, 2019
CONTRIBUTING.md Organizing the existing FIDO2 code in the new repository format Apr 4, 2019
LICENSE Organizing the existing FIDO2 code in the new repository format Apr 4, 2019
README.md Update README.md Jan 16, 2020
fido2server-v0.9.1-dist.tgz

README.md

FIDO2 Server, Community Edition

README

Overview

StrongKey's Certified FIDO2 Server, Community Edition is an open-source solution designed for DIY coders who want password-less FIDO2 logins for any application. Download the code and integrate it with your own web login, or study the OpenAPI documentation and contribute with your own code submissions.

StrongKey FIDO Certificate

ATTENTION: This distributions is NOT a FIDO2 "server library". It is a full-blown, enterprise FIDO Certified FIDO2 Server that goes above and beyond a "server library". Specifically, the StrongKey FIDO2 Enterprise Server has the following features:

  • It is separate from the RP's business web application, using its own database, web services, and processing environment so it does not impact the resources of the business web application
  • It is intended to be shared as a centralized service by many or all business web applications within the enterprise
  • It is designed to support different parts of the enterprise through different "domains"--where domains can be separated by geography, business division, regulation, etc.
  • It provides HA/DR as a standard feature through clustered servers,working with third-party load balancers, regardless of whether the web application has HA/DR capability or not
  • It provides static and dynamic configuration tools to customize policies of the enterprise FIDO2 server
  • It provides a separate software FIDO2 Authenticator simulator for developers to perform large-scale performance testing
  • It provides monitoring tools and instrumentation to manage the FIDO2 server independent of business web applications (in development)
  • It provides a dashboard for administering the FIDO2 server (in development)
  • ... and more

The following links provide some background on FIDO, the FIDO Alliance, and FIDO2:

Installation

  1. Follow the installation instructions to download the FIDO2 Server and get it running as a stand-alone server.
  2. Follow the clustering instructions to download the FIDO2 Server and get it running as a cluster.

Sample Applications

Sample code is provided with a brief explanation of what each sample does:

  • Java Samples
    • DEMO: A basic Java application demonstrating FIDO2 registration and authentication
    • Basic: Basic Java sample application
    • PoC: Proof of concept (PoC) Java application
    • Android: Proof of concept Android application

API docs

Interactive OpenAPI documentation for FIDO2 Server

Contributing

If you would like to contribute to the FIDO2 Server, Community Edition project, please read CONTRIBUTING.md, then sign and return the Contributor License Agreement (CLA).

Licensing

This project is currently licensed under the GNU Lesser General Public License v2.1.

Bouncy Castle Federal Information Processing Standards (BC FIPS) is included with permission from the Legion of the Bouncy Castle, Inc. Source and other details for the module, as well as any updates, are available from the Legion's website at https://www.bouncycastle.org/fips-java.

You can’t perform that action at this time.