Note: This is a work in progress. The Web Authentication standard is not yet finished, and additional pre-1.0 releases of this library may introduce breaking API changes.
Server-side Web Authentication library for Java. Provides implementations of the Relying Party operations required for a server to support Web Authentication. This includes registering authenticators and authenticating registered authenticators.
Planned breaking changes
Update spec version from Candidate Recommendation 2018-03-20 to Proposed Recommendation 2018-11-??. This will involve renaming a couple of classes and methods.
webauthn-server-demo for a complete demo
server, which stores authenticator registrations temporarily in memory.
Use the included
Gradle wrapper to
$ ./gradlew :webauthn-server-core:jar
The output is built in the
webauthn-server-core/build/libs/ directory, and the
version is derived from the most recent Git tag. Builds done on a tagged commit
will have a plain
x.y.z version number, while a build on any other commit will
result in a version number containing the abbreviated commit hash.
.jar artifact of this project can be used in JDK version 8 or
later, the project as a whole currently builds only in JDK 8. This is because
most tests are written in Scala, which
only supports JDK 8. Therefore compiling the tests can currently only be done
in JDK 8, and so
./gradlew build and similar tasks will fail in JDKs other
To run the tests (requires JDK 8):
$ ./gradlew check
To run the PIT mutation tests (requires JDK 8):
$ ./gradlew pitest