Passkeys with Spring Boot 3.4.x — Part 1 ➫ Basic Boilerplate

Spring boot 3.4.x had been the most interesting candidate with new features, POCs & explorations in recent times.

It couples up with Spring securoity 6.4.x, which has the very interesting and important feature of Passkeys / Webauthn built in.

I am going to share the very basic to some advance level of hands on with it.

The blog post for advanced configuration is here

This part here is going to cover the very basics of it and will include:-

➫ The standard approach to fire up webauthn.
➫ No heavy customization.
➫ The boring built in UI (sorry spring boot & spring security maintainers).
➫ Will be using JTE for the views.

The boilerplate config code is as below:-

@Bean
  public UserDetailsService userDetailsService() {
      var userDetailsService = new InMemoryUserDetailsManager();
      String testPassword = "{noop}test";
      userDetailsService.createUser(User.withUsername("user").password(testPassword).build());
      userDetailsService.createUser(User.withUsername("admin").password(testPassword).build());
      return userDetailsService;
  }

  @Bean
  @SneakyThrows
  public SecurityFilterChain…