Passkeys and Systems Integration
Integrating passkeys into an environment can be straightforward when leveraging the many frameworks available. When integrating passkeys with your in-house built authentication system, it's ideal if you don’t have to start from scratch. This is especially the case since passkeys are built upon the WebAuthN foundation, and there’s no reason to reinvent the wheel. While there are a few to choose from, we found the open-source framework provided by Yubico to be the most useful. It integrates well with existing Java Spring applications and is as close to a turnkey solution as you can get for implementing passkeys on your back end.
There are also some great materials provided by Google, Apple, and the web community that provide good background on passkeys and make it easier to implement. For Android applications, the SDKs require little setup and modification when integrating with services provided by Yubico, mentioned above. Google provides some great resources to get you on your way and this article was our favorite. The iOS SDK is also quite thorough, but does require a bit more work to get passkeys up and running. However, once implemented, it worked and integrated well within our existing applications. The SDKs for web were similar to iOS in that they require a bit more work to integrate with an environment.
Here are two of our favorites resources to get started on the web (here and here, both from web developers at Google). We were pleasantly surprised with how well web frameworks performed across multiple browsers without much issue at all.