-
-
Notifications
You must be signed in to change notification settings - Fork 190
How can I integrate FIDO2 user data in SQL Server? #493
-
Hello, I am a junior engineer. Due to the requirements of my job, I need to familiarize myself with the FIDO2 system. I am tasked with storing user data in SQL Server, but I currently lack the skills to achieve this. I would appreciate guidance on how to proceed. Thank you.
Beta Was this translation helpful? Give feedback.
All reactions
User data in general has to already exist in the DB in order to add the FIDO2 credentials.
You can clone this repository and look at one of the example apps. There you can check the UserController to trace what is stored when a credential is created. For dev/demo purposes there is a type StoredCredential, which shows what data you need in your database.
When actually implementing it though, maybe wait until release 4.0.0 is out, as there have been quite a few breaking changes on the API where you'd have to rename stuff if you built something around the v3 NuGet packages.
Replies: 2 comments
-
User data in general has to already exist in the DB in order to add the FIDO2 credentials.
You can clone this repository and look at one of the example apps. There you can check the UserController to trace what is stored when a credential is created. For dev/demo purposes there is a type StoredCredential, which shows what data you need in your database.
When actually implementing it though, maybe wait until release 4.0.0 is out, as there have been quite a few breaking changes on the API where you'd have to rename stuff if you built something around the v3 NuGet packages.
Beta Was this translation helpful? Give feedback.
All reactions
-
Hello @wayne362066 - Anders (author of this library here). I work at Bitwarden and we built the Passwordless API specifically for your use case.
It's a hosted API that takes care of the security and complexity of operating a fido2 server. All you need is to call the API form your app.
I would advise you to test our API, it's free (or cheap) to use depending on your workload:
Marketing site: https://bitwarden.com/products/passwordless/
Docs: https://docs.passwordless.dev/
Developer API signup: https://admin.passwordless.dev/signup
Beta Was this translation helpful? Give feedback.