Passkey Auth

experimental

Public, source-visible passkey (WebAuthn) authentication — registration + authentication ceremonies + credential management, built on @simplewebauthn/server. Verifies assertions and returns the verified userId; the host app mints the session.

2 hooks 3 events 3 permissions

Passkey Auth is source-visible, contract-first code — your agent reads the whole interface before it composes, never a black box.

Every hook has typed I/O and required tests, and the composition is pinned in microservices.lock.json — what you inspect here is exactly what pnpm microservices check verifies and deploys.

Typed hooks

Extension points with typed input/output and required tests — customize behavior without forking the module.

  • beforeVerifyRegistration
  • afterAuthenticated

Events emitted

A stable, documented event surface other modules can subscribe to.

  • passkey.registered
  • passkey.authenticated
  • passkey.credential_deleted

Permissions

Scoped capabilities the module declares; the gateway enforces them at the boundary.

  • passkey.register
  • passkey.authenticate
  • passkey.admin

Experimental listing. Generated from the canonical module manifest via `registry build`.