ForgeRock has extensive support for passwordless authentication methods, including mobile push, certificate, WebAuthn (based on FIDO2 standards), Face ID and Touch ID.
Using Intelligent Access, you can configure seamless authentication journeys that leverage any of the included passwordless methods, as well as those supplied by third-party specialist providers that are available for easy deployment via the ForgeRock Marketplace. You can extend passwordless authentication to include usernameless authentication with popular authenticators that support resident keys, including Yubico (pin-protected), and biometric authenticators like Touch ID and Windows Hello.
Passwordless user authentication journeys can include methods such as mobile push, certificate or WebAuthn that allow a user to perform an initial login and then require another verification from either the same factor or a different one. For example, a user journey may be configured to allow a banking customer to log in without a password via biometric authentication on a mobile device, but to authorize a payment requires an OTP from an SMS. This is known as transactional authorization.
It's Time to Go Passwordless (solution brief)
Multi-factor authentication (Identity Cloud)
Transactional authorization (Identity Cloud)