Handle web biometrics
The ForgeRock JavaScript SDK has the following methods for handling web biometrics:
FRWebAuthn.register(step, deviceName)
-
For registering new devices. Optionally, assign a name to the device to help the user identify it. If you do not provide a custom name, the server assigns a generic value such as New Security Key.
FRWebAuthn.authenticate(step)
-
For authenticating using a previously registered device.
Use the FRWebAuthn.getWebAuthnStepType()
convenience method to determine which method to use:
// Determine if a step is a web biometrics step
const stepType = FRWebAuthn.getWebAuthnStepType(step);
if (stepType === WebAuthnStepType.Registration) {
// Registering a new device, with optional device name
step = await FRWebAuthn.register(step, 'myDeviceName');
} else if (stepType === WebAuthnStepType.Authentication) {
// Authenticating with a registered device
step = await FRWebAuthn.authenticate(step);
}
// `step` has now been populated with the web biometrics credentials
// Send this new step to the ForgeRock server
nextStep = FRAuth.next(step);
Using the device name
The device name is available for display in other callbacks received from a journey.
For example, you can get the device name when displaying recovery codes as follows:
// Determine if step is a display recovery codes step
const isDisplayRecoveryCodesStep = FRRecoveryCodes.isDisplayStep(step);
if (isDisplayRecoveryCodesStep) {
// Obtain recovery codes
const recoveryCodes = FRRecoveryCodes.getCodes(step);
// Obtain device display name
const deviceName = FRRecoveryCodes.getDisplayName(step);
// Display `recoveryCodes` and `deviceName` to the user
}
The ForgeRock Login Widget has built-in support and associated UI for displaying the device name alongside the recovery codes. |