{"id":22781980,"url":"https://github.com/gluufederation/agama-passkey","last_synced_at":"2025-04-15T16:22:27.275Z","repository":{"id":205018660,"uuid":"710886837","full_name":"GluuFederation/agama-passkey","owner":"GluuFederation","description":"Gluu governed Agama project to provide a starting point for passkey authentication. See also FIDO2","archived":false,"fork":false,"pushed_at":"2025-02-14T11:32:49.000Z","size":226,"stargazers_count":2,"open_issues_count":0,"forks_count":10,"subscribers_count":18,"default_branch":"main","last_synced_at":"2025-03-28T22:13:13.367Z","etag":null,"topics":["fido","fido2","passkey","passkeys","passkeys-demo"],"latest_commit_sha":null,"homepage":"https://gluu.org","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/GluuFederation.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-10-27T16:43:44.000Z","updated_at":"2025-02-14T11:32:53.000Z","dependencies_parsed_at":null,"dependency_job_id":"1a9ecd8d-9cef-40bc-9c13-d95e740f8dfd","html_url":"https://github.com/GluuFederation/agama-passkey","commit_stats":null,"previous_names":["gluufederation/agama-passkey"],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GluuFederation%2Fagama-passkey","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GluuFederation%2Fagama-passkey/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GluuFederation%2Fagama-passkey/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GluuFederation%2Fagama-passkey/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/GluuFederation","download_url":"https://codeload.github.com/GluuFederation/agama-passkey/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249105607,"owners_count":21213574,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fido","fido2","passkey","passkeys","passkeys-demo"],"created_at":"2024-12-11T21:09:12.055Z","updated_at":"2025-04-15T16:22:27.252Z","avatar_url":"https://github.com/GluuFederation.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!-- These are statistics for this repository--\u003e\n[![Contributors][contributors-shield]][contributors-url]\n[![Forks][forks-shield]][forks-url]\n[![Stargazers][stars-shield]][stars-url]\n[![Issues][issues-shield]][issues-url]\n[![Apache License][license-shield]][license-url]\n\n# About Agama Passkey\n\nThis repo is home to the Gluu Agama-passkey project. Use this project to add \nuser authentication with **Passkey**(passwordless authentication that uses \na device to verify a user's identity before allowing them to access an account)\n2-factor authentication.\n\n## Where To Deploy\n\nThe project can be deployed to any IAM server that runs an implementation of\nthe [Agama Framework](https://docs.jans.io/head/agama/introduction/) like\n[Janssen Server](https://jans.io) and [Gluu Flex](https://gluu.org/flex/).\n\n\n## How To Deploy\n\nDifferent IAM servers may provide different methods and\nuser interfaces from where an Agama project can be deployed on that server.\nThe steps below show how the Agama-passkey project can be deployed on the\n[Janssen Server](https://jans.io).\n\nDeployment of an Agama project involves three steps.\n\n- [Downloading the `.gama` package from the project repository](#download-the-project)\n- [Adding the `.gama` package to the IAM server](#add-the-project-to-the-server)\n- [Configure the project](#configure-the-project)\n\n\n#### Pre-Requisites\n\n* Register a client to integrate with SCIM (used to list passkeys and edit), minimum scopes:\n- https://jans.io/scim/fido2.read\n- https://jans.io/scim/fido2.write\n\n\n### Download The Project\n\n\u003e [!TIP]\n\u003e Skip this step if you use the Janssen Server TUI tool to\n\u003e configure this project. The TUI tool enables the download and adding of this\n\u003e project directly from the tool, as part of the `community projects` listing.\n\nThe project is bundled as \n[.gama package](https://docs.jans.io/head/agama/gama-format/). \nVisit the `Assets` section of the \n[Releases](https://github.com/GluuFederation/agama-passkey/releases) to download \nthe `.gama` package.\n\n\n### Add The Project To The Server\n\nThe Janssen Server provides multiple ways an Agama project can be \ndeployed and configured. Either use the command-line tool, REST API, or a \nTUI (text-based UI). Refer to the [Agama project configuration page](https://docs.jans.io/head/admin/config-guide/auth-server-config/agama-project-configuration/) in the Janssen Server documentation for more details.\n\n### Configure The Project\n\nThe Agama project accepts configuration parameters in the JSON format. Every Agama \nproject comes with a basic sample configuration file for reference. \n\nBelow is a typical configuration of the Agama-passkey project. As shown, it contains \nconfiguration parameters for the [flows contained in it](#flows-in-the-project):\n\nSample JSON:\n\n``` json\n{\n    \"org.gluu.agama.passkey.main\": {\n        \"scimClientId\": \"PUT_YOUR_SCIM_CLIENT_ID_HERE\",\n        \"scimClientSecret\": \"PUT_YOUR_SCIM_CLIENT_SECRET\"\n    }\n}\n```\n\n\n\n### Test The Flow\n\nUse any relying party implementation (like [jans-tarp](https://github.com/JanssenProject/jans/tree/main/demos/jans-tarp)) \nto send an authentication request that triggers the flow.\n\nFrom the incoming authentication request, the Janssen Server reads the `ACR` \nparameter value to identify which authentication method should be used.\nTo invoke the `org.gluu.agama.passkey.main` flow contained in the Agama-passkey \nproject, specify the ACR value as `agama_\u003cqualified-name-of-the-top-level-flow\u003e`, \ni.e `agama_org.gluu.agama.passkey.main`.\n\n## Customize and Make It Your Own\n\nFork this repo to start customizing the Agama-passkey project. It is possible to\ncustomize the user interface provided by the flow to suit your organisation's\nbranding\nguidelines. Or customize the overall flow behavior. Follow the best\npractices and steps listed\n[here](https://docs.jans.io/head/admin/developer/agama/agama-best-practices/#project-reuse-and-customizations)\nto achieve these customizations in the best possible way.\nThis project can be reused in other Agama projects to create more complex\nauthentication journeys.  To reuse, trigger the\n[org.gluu.agama.passkey.main](#flows-in-the-project) flow from other Agama projects.\n\nTo make it easier to visualise and customize the Agama Project, use\n[Agama Lab](https://cloud.gluu.org/agama-lab/login).\n\n\n## Flows In The Project\n\n| Qualified Name | Description |\n|-----------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `org.gluu.agama.passkey.main` | This is the main flow, which you can directly launch from the browser. If you have not configured a passkey, you must first log in with your credentials and register your passkey(s) at `org.gluu.agama.passkey.list`. If you have at least 1 passkey configured, then you can click the \"Login with passkey\" button. |\n| `org.gluu.agama.passkey.list` | This flow is used to list the passkeys that the logged-in user has registered. If you do not have a passkey, an option to add a new passkey, `org.gluu.agama.passkey.add` is enabled. If you already have at least one passkey, you can click `Login with passkey`. |\n| `org.gluu.agama.passkey.add` | This flow is used to register a new passkey. The user has to validate his FIDO device, which can be a (Yubico key, device fingerprint, Windows Hello, Apple Face ID, etc.). |\n| `org.gluu.agama.passkey.nickname` | This flow is used to add a nickname to the newly registered passkey. Once completed, this stream returns to the `org.gluu.agama.passkey.list`\n\n\n\n## Demo\n\nCheck out this video to see the **agama-passkey** authentication flow in action.\nAlso check the\n[Agama Project Of The Week](https://gluu.org/agama-project-of-the-week/) video\nseries for a quick demo on this flow.\n\n*Note:*\nWhile the video shows how the flow works overall, it may be dated. Do check the\n[Test The Flow](#test-the-flow) section to understand the current\nmethod of passing the ACR parameter when invoking the flow.\n\n\n* Login with credentials and configure your first passkey device, and as a last step, complete the login with your new configured key.\n![TEST_USE_CASE_1](https://github.com/GluuFederation/agama-passkey/assets/86965029/0e5cc346-a576-499a-a9e3-6069d6932a4b)\n\n* Log in without credentials; use the `Login with passkey` button.\n![TEST_USE_CASE_2](https://github.com/GluuFederation/agama-passkey/assets/86965029/200328ec-888a-4767-8242-1c50a126a979)\n\n\n\u003c!-- This is the stats url reference for this repository --\u003e\n\n[contributors-shield]: https://img.shields.io/github/contributors/GluuFederation/agama-passkey.svg?style=for-the-badge\n\n[contributors-url]: https://github.com/GluuFederation/agama-passkey/graphs/contributors\n\n[forks-shield]: https://img.shields.io/github/forks/GluuFederation/agama-passkey.svg?style=for-the-badge\n\n[forks-url]: https://github.com/GluuFederation/agama-passkey/network/members\n\n[stars-shield]: https://img.shields.io/github/stars/GluuFederation/agama-passkey?style=for-the-badge\n\n[stars-url]: https://github.com/GluuFederation/agama-passkey/stargazers\n\n[issues-shield]: https://img.shields.io/github/issues/GluuFederation/agama-passkey.svg?style=for-the-badge\n\n[issues-url]: https://github.com/GluuFederation/agama-passkey/issues\n\n[license-shield]: https://img.shields.io/github/license/GluuFederation/agama-passkey.svg?style=for-the-badge\n\n[license-url]: https://github.com/GluuFederation/agama-passkey/blob/main/LICENSE\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgluufederation%2Fagama-passkey","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgluufederation%2Fagama-passkey","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgluufederation%2Fagama-passkey/lists"}