Skip to main content

Web

Initial Setup#

The LoginID Web SDK enables you to add FIDO-certified authentication in your web-based application without having to redirect the user to any pages outside your application.

For more robust functionality, it is likely that you will need to also leverage a Server SDK. The Server SDK makes requests to LoginID's API easier by leveraging your API Credential. Check out the LoginID Server SDK for a simplified integration.

Create Application on the Dashboard#

An application must be created on the LoginID Dashboard in order to correctly configure the Web SDK.

Once logged into the dashboard, navigate to the Applications tab in the sidebar, select “Add Application,” and select Web.

In the resulting form, you must create a name for your application and provide your website URL.

note

Unlike in the OAuth/OpenID Connect flow, the Website URL is not a callback URL. The Website URL is the top-level domain that is integrating the Web SDK functionality. LoginID's backend will check this domain against your client profile as an allowable domain to issue cross-origin requests.

After entering your name and website URL, you will be prompted to create an API credential. If you have a client-side only application, please skip this step. Otherwise, create an API credential.

note

An API service token must be included on all requests with a service token scope once an API credential is assigned to an application.

Add SDK to Existing Application#

<script src=”https://loginid-sdk.s3-us-west-1.amazonaws.com/sdk/js/0.9.5/loginid.web.min.js”></script>

Create an SDK Instance#

NPM
import WebSDK from ‘@loginid/sdk';
const l = new WebSDK(BASE_URL,CLIENT_ID);

API Reference#

isFido2Supported#

Check whether the device and browser the user is on supports FIDO2.

registerWithFido2#

Sign up a user for FIDO authentication.

registerWithPassword#

Creates a user account with a password (not recommended). If leveraging this method, users should be migrating to use a FIDO authenticator, then have their password revoked.

authenticateWithFido2#

Authenticate a previously registered user through FIDO2.

authenticateWithPassword#

Authenticate a previously registered user using username and password.

confirmTransaction#

Confirm the transaction for which the tx_id was previously generated.

Deprecated Methods#

The Web SDK previously had the following methods:

  • .register()
  • .login()

The methods have been deprecated, as the type of authenticator being registered is now specified in the register and authenticate methods.