An authenticator is a cryptographically backed device responsible for creating and securely storing WebAuthn user credentials for an application. Here are its core functionalities:
Authenticators, at their core, offer a shield of security to web and native applications, ensuring the right user accesses the right data. Let's break down the types:
Subscribe to our Passkeys Substack for the latest news.
An authenticator is a cryptographically supported device used for creating and securely storing user credentials for an application. Its primary function is to create public-private-key pairs, manage the private key and utilize it for signing authentication requests.
Platform authenticators are device-specific, like Apple's Touch ID / Face ID, and are bound to a particular device. In contrast, roaming authenticators are external, portable devices, such as security keys, that can be used across different client devices.
Roaming authenticators should not be mistaken for passkey sharing capabilities like QR code scanning, Bluetooth, or AirDrop. They serve different purposes in the realm of user authentication.
Corbado is the Authentication Intelligence Platform for CIAM teams running consumer authentication at scale. We help you see what IDP logs and generic analytics tools can't: where passkeys, passwords, OTP, social login and fallback journeys succeed, stall or fail, which devices and browsers create friction, and when an OS update silently breaks login. Two products: Corbado Observe layers process mining and observability across authentication journeys. Corbado Connect adds managed passkeys with analytics built in alongside your IDP. VicRoads runs passkeys for 5M+ users with Corbado (+80% passkey activation). Talk to a Passkey Expert →
Table of Contents
Related Articles