WebAuthn API Terminology
WebAuthn
WebAuthn (Web Authentication), part of the FIDO2 (Fast Identity Online 2) specifications, is an open standard for web-based authentication developed by the FIDO Alliance and the World Wide Web Consortium (W3C). Rather than relying on passwords, it uses public key cryptography to allow users to register and authenticate with web services using an authenticator (e.g. Bravura Safe).
Relying Party
The entity (website or online service) using the WebAuthn API within its web service to carry out the registration and authentication of its users.
Relying Party Identifier (RP ID)
A valid domain string that identifies the relying party for which a registration or authentication ceremony is performed.
Note
Relying parties (RPs) play a crucial role in the process of authentication, as they initiate the request for authentication and validate the received credential.
WebAuthn Authenticator
The Bravura Safe application acts as a cryptographic software entity that can register a user with a relying party, assert possession of the registered public key credential and verify the user when requested by the relying party.
Registration Ceremony
The process in which a user, a relying party, and Bravura Safe collaborate to generate a public key credential and link it to the user’s account with the relying party. This may involve a test of user presence or user verification.
Authentication Ceremony
The process in which a user and Bravura Safe collaborate to prove to the relying party that the user controls the private key associated with an already-registered public key credential. This may involve a test of user presence or user verification.
Credential Key Pair
The set of asymmetric cryptographic keys generated by Bravura Safe and used exclusively with a particular relying party for authentication.
Credential Private Key
The Bravura Safe-specific private key of a credential key pair that is managed by Bravura Safe and never revealed to any other entity, including the Bravura Safe account holder.
Credential Public Key
The public key component of a credential key pair that is returned to the relying party as part of the registration ceremony.
User Handle
A unique user identifier (user.id value) used by the relying party to link a particular public key credential to a user's relying party account. Bravura Safe uses this value, along with the RP ID, to associate public key credentials with the user's Bravura Safe account.
User Verification
The process used by Bravura Safe to identify the intended user and authorize the operations required to create a new passkey credential. This can include, for example, a PIN or biometric input.
Note
For additional related terminology, click the link in the copyright notice immediately below.
“Copyright © 2023 W3C®. This document includes material copied from or derived from Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Recommendation, 8 April 2021 https://www.w3.org/TR/webauthn-2/#sctn-terminology . Latest published version.”