From 7bf781a6437668e203921c56d80540def4f57841 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anders=20=C3=85berg?= Date: Fri, 12 Jul 2024 13:34:30 +0200 Subject: [PATCH] Passkeys is not capitalised, unless beginning of sentence Just like password. --- README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 64c4b61..14683ff 100644 --- a/README.md +++ b/README.md @@ -2,12 +2,12 @@ # Passwordless.dev iOS Client SDK -The purpose of this SDK is to be able to easily integrate [Passkeys](https://developer.apple.com/passkeys/) into your iOS app with the help of the [Passwordless.dev](https://bitwarden.com/products/passwordless/) management system. An example project named `DemoPasswordless` is provided for illustrative purposes, and is contained in this repository along with the SDK. +The purpose of this SDK is to be able to easily integrate [passkeys](https://developer.apple.com/passkeys/) into your iOS app with the help of the [Passwordless.dev](https://bitwarden.com/products/passwordless/) management system. An example project named `DemoPasswordless` is provided for illustrative purposes, and is contained in this repository along with the SDK. ## System Overview [Passwordless.dev](https://bitwarden.com/products/passwordless/) consists of three key parts: -1. An open-source client side SDK (for example, this iOS SDK), used by your app/website to initiate Passkey authorization requests on the end-user's device and to make requests to the passwordless.dev APIs. +1. An open-source client side SDK (for example, this iOS SDK), used by your app/website to initiate passkey authorization requests on the end-user's device and to make requests to the passwordless.dev APIs. 2. A public RESTful API used to complete FIDO2 WebAuthn cryptographic exchanges with your app. 3. A private RESTful API used to initiate key registrations, verify signins, and retrieve keys for end-users. @@ -17,7 +17,7 @@ Please read the [Passwordless.dev documentation](https://docs.passwordless.dev/) Apple requires associated domains to be set up to perform passkey registration and assertions. For more details on setting up an apple-app-site-association, see [Apple's documentation](https://developer.apple.com/documentation/Xcode/supporting-associated-domains). -For Passkeys, you need to set up a `webcredentials` section for your app. +For passkeys, you need to set up a `webcredentials` section for your app. You can view an [example](https://demo.passwordless.dev/.well-known/apple-app-site-association) of an apple-app-site-association that corresponds to the `DemoPasswordless` app provided in this repository. @@ -62,13 +62,13 @@ let passwordlessClient = PasswordlessClient( ### Sign in -There are two approaches for Passkey Sign in: Auto Fill and Manual Entry. +There are two approaches for passkey Sign in: Auto Fill and Manual Entry. #### A. Auto Fill This is when the user taps the username field, and the keyboard appears. If the user taps the auto fill options above the keyboard, then this is the auto fill approach. For this to work correctly, you must call `signin` when your view first appears. This way, by the time the keyboard appears, the OS will have results ready to show. 1. Call `signin(alias: nil)` the your view first appears. Once complete, a verification token will be returned. - * This function will wait until the user has tapped on an autofill item, it has been canceled in the Passkey dialog, or an error has occurred. + * This function will wait until the user has tapped on an autofill item, it has been canceled in the passkey dialog, or an error has occurred. * Based on the outcome of this response, your app will need to decide whether or not to restart the auto fill sign in process again. * If it is not running, then no options will show in the keyboard, so it usually makes sense to restart the process only in the `authorizationCancelled` case. * Getting an `authorizationError` may be a sign that something is not configured properly within your app, so it may be best to not rerun the auto fill to prevent endless looping errors. @@ -77,7 +77,7 @@ This is when the user taps the username field, and the keyboard appears. If the ![Auto Fill Sign in Flow](<./docs/SignInAutoFill.gif>) #### B. Manual Entry -This is when the user types in a user name, and hits a button within the view to sign in. This will display a different version of the Passkey window for the user to select from. +This is when the user types in a user name, and hits a button within the view to sign in. This will display a different version of the passkey window for the user to select from. 1. Call `signin(alias:)` with a given alias. Once complete, a verification token will be returned. 2. Pass the verification token to your public RESTful API to verify and return an authorization token. The user is now logged in to your app. @@ -106,4 +106,4 @@ For example, let's say your AASA file looks like this: To run the demo app without errors, the app's bundle ID must be `com.8bit.bitwarden.passwordlessios`. Furthermore, my personal developer account must have access to the team ID `Q999999997`. -In the `DemoServices.swift` file, the relying party ID (`rpID`) should be set to the domain where this AASA file is hosted. The `origin` must also be set to the associated domain of the AASA. \ No newline at end of file +In the `DemoServices.swift` file, the relying party ID (`rpID`) should be set to the domain where this AASA file is hosted. The `origin` must also be set to the associated domain of the AASA.