Sign In with WebAuthn

Sign in with WebAuthn allows you to authenticate users using TouchID or Windows Hello from their browser. This means, you can use biometric authentication from your website.

Concepts: Learn about how Sign in with WebAuthn works.

WebAuthn with Cotter's JS SDK

Overview

WebAuthn authentication works the following way:

  1. A new user would be prompted to either enter a verification code or magic link sent to their email or phone.

  2. Once the user verified their email/phone, the SDK will automatically prompt the user if they want to register this device for fast logins next time.

  3. The user can press "Enable TouchID" and successfully register their laptop.

  4. When the user login next time, the user will automatically be prompted to use TouchID to login. As a fallback method, the user can choose to send a link or code to their email/phone instead.

Steps

Step 1: Import Cotter

Include Javascript SDK

To use our Javascript SDK, include the script below in your HTML page or use the npm package.

<script>
npm
yarn
<script>
<script
src="https://unpkg.com/cotter@0.3.25/dist/cotter.min.js"
type="text/javascript"
></script>

Make sure you check for the latest version at https://www.npmjs.com/package/cotter​

npm
npm install cotter --save
yarn
yarn add cotter

Step 2: Set up a div element to contain cotter's form

HTML
React
HTML
<!-- 2️⃣ Setup a div to contain the form -->
<div id="cotter-form-container" style="width: 300px; height: 300px;"></div>
React
{/* 2️⃣ Setup a div to contain the form */}
<div id="cotter-form-container" style={{ width: 300, height: 300 }}></div>

Please note that id has to be cotter-form-container for the form to show up.

Step 3: Initialize Cotter and show the form

Grab your API_KEY_ID from the dashboard, then replace <YOUR_API_KEY_ID> with your API_KEY_ID.

HTML
React
HTML
<!-- 3️⃣ Show the form -->
<script>
var cotter = new Cotter("<YOUR_API_KEY_ID>"); // πŸ‘ˆ Specify your API KEY ID here
​
cotter
.signInWithWebAuthnOrLink() // or signInWithWebAuthnOrOTP()
.showEmailForm() // or showPhoneForm()
.then(payload => console.log(payload))
.catch(err => console.log(err));
</script>
React
import Cotter from "cotter";
//...
​
useEffect(() => {
// 3️⃣ Show the form
var cotter = new Cotter("<YOUR_API_KEY_ID>"); // πŸ‘ˆ Specify your API KEY ID here
​
cotter
.signInWithWebAuthnOrLink() // or signInWithWebAuthnOrOTP()
.showEmailForm() // or showPhoneForm()
.then((payload) => console.log(payload))
.catch((err) => console.log(err));
}, []);

There are several options for the fallback method:

  • Method:

    • Magic Link: use signInWithWebAuthnOrLink()

    • OTP: use signInWithWebAuthnOrOTP()

  • Channel:

    • Email: use showEmailForm()

    • Phone: use showPhoneForm() (you can send code/link via SMS or WhatsApp by setting it up in Dashboard > Branding)

πŸŽ‰ You're done!

​