Passkey Store
Component Detail
Data Layer
medium complexity
backend
0
Dependencies
0
Dependents
0
Entities
0
Integrations
Description
Persistence layer for WebAuthn credentials including public keys, credential IDs, signature counters, and device metadata. Supports multiple passkeys per user across devices.
passkey-store
Sources & reasoning
Passkeys are not named in source docs; included because the blueprint authoritatively lists 'Passkeys (WebAuthn)' as a required feature in Authentication & Access Control. With no source signal it falls under §5 Phase 3 'Vekst og engasjement' as a forward-looking auth enhancement; target_release uses that phase's verbatim name 'Growth & Engagement'.
No source references — this artifact was included based on reasoning alone (see above).
Responsibilities
- Persist credential public keys and IDs per user
- Track signature counters for replay detection
- Store device labels and last-used timestamps
- Look up credentials by credential ID during authentication
- Delete passkeys on user request or account closure
Interfaces
savePasskey(userId, credential): Passkey
findByCredentialId(credentialId): Passkey
listByUser(userId): Passkey[]
updateCounter(passkeyId, counter): void
deletePasskey(passkeyId): void