WebAuthnSigner
WebAuthnSigner is the recommended signer for browser applications. The private key never leaves the authenticator and is never available to the browser.
import { WebAuthnSigner } from '@dfns/sdk-browser'
const webauthn = new WebAuthnSigner({
relyingParty: { id: 'acme.com', name: 'Acme' },
})
BrowserKeySigner
BrowserKeySigner signs using a CryptoKeyPair in the browser. Use this only when WebAuthn is not available — the private key lives in browser memory, so you need a secure way to load it.
import { BrowserKeySigner } from '@dfns/sdk-browser'
const browserKey = new BrowserKeySigner({
keyPair: keyPair, // CryptoKeyPair — protect and load securely
})
const attestation = await browserKey.create(challenge)
const assertion = await browserKey.sign(challenge)
DfnsAuthenticator
DfnsAuthenticator handles user login flows in the browser. It prompts for WebAuthn credentials and returns an auth token.
import { DfnsAuthenticator } from '@dfns/sdk'
import { WebAuthn } from '@dfns/sdk-browser'
const dfnsAuth = new DfnsAuthenticator({
orgId,
baseUrl: apiUrl,
signer: new WebAuthn({ rpId }),
})
// Prompts for biometrics / security key
const { token } = await dfnsAuth.login({ orgId, username })
Last modified on March 13, 2026
