BindID Production Tips

WebAuthn Browser Support

The Web Authentication (WebAuthn) API is part of the FIDO2 specification that defines passwordless, key-based credentials for web browsers. When logging in with the WebAuthn API, the web application commonly uses a device's platform authenticator to authenticate the user. Platform authenticators are user verification methods that are a built into the user's device, such as FaceID, TouchID, a device PIN, and Windows Hello.

BindID builds on the FIDO2 specification, which allows your end users to authenticate to your applications using WebAuthn (see the BindID support matrix for a list supported devices and web browsers). So, while preparing your BindID integration, it is useful to check how many of your users log in to your service using a device that has a platform authenticator.

You can collect this information for web browsers by calling the isUserVerifyingPlatformAuthenticatorAvailable() JavaScript API in your applications. The API returns true if the user is using a device with an available platform authenticator. Collecting data regarding WebAuthn support of your end-users' devices can help you understand the impact of your implementation decisions, such as whether to require biometrics or enable on a fallback method.