Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Authenticator should support Biometric authentication #190

Open
1 task done
pmellaaho opened this issue Sep 17, 2024 · 4 comments
Open
1 task done

Authenticator should support Biometric authentication #190

pmellaaho opened this issue Sep 17, 2024 · 4 comments
Labels
feature-request New feature or request

Comments

@pmellaaho
Copy link

Before opening, please confirm:

Which UI component is this feature-request for?

Authenticator

Please include any relevant guides or documentation you're referencing

No response

Please describe your feature-request in detail.

Currently the Authenticator supports the sign-in with username and password. There are many reasons why modern applications would like to move on to passwordless sign-in but one of main pain points is the usability and things like Password managers are too cumbersome for most users to use. The Authenticator could complement the sign-in experience by offering the possibility to activate and use biometrics (e.g. fingerprint) to access username and password safely (encrypted) stored in device with the help of Android KeyStore. So, the user would be given an option to type in username and password in every sign-in or activate biometric login to get easier sign-in experience. In the of biometric login prompt the fall back option to use app credentials would still be offered.

Initialization steps (if applicable)

No response

Code Snippet

// Put your code below this line.

amplifyconfiguration.json

No response

Additional information and screenshots

No response

@github-actions github-actions bot added pending-triage Issue is pending triage pending-maintainer-response Issue is pending response from an Amplify team member labels Sep 17, 2024
@tylerjroach
Copy link
Member

Thank you for the feature request. Will leave this ticket open to allow others to provide +1 reactions or additional comments.

@tylerjroach tylerjroach added the feature-request New feature or request label Sep 17, 2024
@github-actions github-actions bot removed pending-maintainer-response Issue is pending response from an Amplify team member pending-triage Issue is pending triage labels Sep 17, 2024
@mattcreaser
Copy link
Member

Amplify is adding support for WebAuthn passkeys in this PR: aws-amplify/amplify-android#2952. We will be building on this to offer the option of biometric login in the near future.

@pmellaaho
Copy link
Author

Good to hear, I think this is great news!
How it's going to work for existing users, are they gonna be able to switch to passkey with/without a new Sign-up?

@mattcreaser
Copy link
Member

Hey @pmellaaho. Existing users are able to register their device as a passkey once webauthn is enabled for the user pool. Whether Authenticator itself will prompt the user for this or defer to the application to call into Amplify is TBD.

Sign-up with passkeys is not supported - users need to sign up either with a password or via an OTP sms or email code first, and then register the passkey after acccount creation.

You can check out the Cognito documentation for a lot more information about how Passkeys work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature-request New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants