ForgeRock Developer Experience

Handle web biometrics

The ForgeRock JavaScript SDK has the following methods for handling web biometrics:

FRWebAuthn.register(step, deviceName)

For registering new devices. Optionally, assign a name to the device to help the user identify it. If you do not provide a custom name, the server assigns a generic value such as New Security Key.

FRWebAuthn.authenticate(step)

For authenticating using a previously registered device.

Use the FRWebAuthn.getWebAuthnStepType() convenience method to determine which method to use:

// Determine if a step is a web biometrics step
const stepType = FRWebAuthn.getWebAuthnStepType(step);

if (stepType === WebAuthnStepType.Registration) {
  // Registering a new device, with optional device name
  step = await FRWebAuthn.register(step, 'myDeviceName');
} else if (stepType === WebAuthnStepType.Authentication) {
  // Authenticating with a registered device
  step = await FRWebAuthn.authenticate(step);
}

// `step` has now been populated with the web biometrics credentials

// Send this new step to the ForgeRock server
nextStep = FRAuth.next(step);

Using the device name

The device name is available for display in other callbacks received from a journey.

For example, you can get the device name when displaying recovery codes as follows:

// Determine if step is a display recovery codes step
const isDisplayRecoveryCodesStep = FRRecoveryCodes.isDisplayStep(step);

if (isDisplayRecoveryCodesStep) {
  // Obtain recovery codes
  const recoveryCodes = FRRecoveryCodes.getCodes(step);

  // Obtain device display name
  const deviceName = FRRecoveryCodes.getDisplayName(step);

  // Display `recoveryCodes` and `deviceName` to the user
}
The ForgeRock Login Widget has built-in support and associated UI for displaying the device name alongside the recovery codes.
Copyright © 2010-2024 ForgeRock, all rights reserved.