Sign In with WebAuthn
Sign in with WebAuthn allows you to authenticate users using TouchID or Windows Hello from their browser. This means, you can use biometric authentication from your website.

WebAuthn with Cotter's JS SDK
WebAuthn authentication works the following way:
- 1.A new user would be prompted to either enter a verification code or magic link sent to their email or phone.
- 2.Once the user verified their email/phone, the SDK will automatically prompt the user if they want to register this device for fast logins next time.
- 3.The user can press "Enable TouchID" and successfully register their laptop.
- 4.When the user login next time, the user will automatically be prompted to use TouchID to login. As a fallback method, the user can choose to send a link or code to their email/phone instead.
To use our Javascript SDK, include the script below in your HTML page or use the npm package.
<script>
npm
yarn
<script
src="https://unpkg.com/[email protected]/dist/cotter.min.js"
type="text/javascript"
></script>
npm install cotter --save
yarn add cotter
HTML
React
<!-- 2️⃣ Setup a div to contain the form -->
<div id="cotter-form-container" style="width: 300px; height: 300px;"></div>
{/* 2️⃣ Setup a div to contain the form */}
<div id="cotter-form-container" style={{ width: 300, height: 300 }}></div>
Please note that id has to be
cotter-form-container
for the form to show up.HTML
React
<!-- 3️⃣ Show the form -->
<script>
var cotter = new Cotter("<YOUR_API_KEY_ID>"); // 👈 Specify your API KEY ID here
cotter
.withFormID("form_default") // Use customization for form "form_default"
.signInWithWebAuthnOrLink() // or signInWithWebAuthnOrOTP()
.showEmailForm() // or showPhoneForm()
.then(payload => console.log(payload))
.catch(err => console.log(err));
</script>
import Cotter from "cotter";
//...
useEffect(() => {
// 3️⃣ Show the form
var cotter = new Cotter("<YOUR_API_KEY_ID>"); // 👈 Specify your API KEY ID here
cotter
.withFormID("form_default") // Use customization for form "form_default"
.signInWithWebAuthnOrLink() // or signInWithWebAuthnOrOTP()
.showEmailForm() // or showPhoneForm()
.then((payload) => console.log(payload))
.catch((err) => console.log(err));
}, []);
There are several options for the fallback method:
- Method:
- Magic Link: use
signInWithWebAuthnOrLink()
- OTP: use
signInWithWebAuthnOrOTP()
- Channel:
- Email: use
showEmailForm()
- Phone: use
showPhoneForm()
(you can send code/link via SMS or WhatsApp by setting it up in Dashboard > Branding)
Last modified 2yr ago