Skip to main content

The World Wide Web Consortium (W3C): Introduction to Web Authentication

Web developers dig deep into modern Web Authentication to secure access to resources and applications

Introduction to Web Authentication
3 weeks
2–4 hours per week
Instructor-led on a course schedule

About this course

Skip About this course

This course introduces developers to the W3C’s Web Authentication (WebAuthn) API, which provides the tools to replace usernames and passwords in favor of hardware-backed, cryptographically secure authentication.

Learners will explore basic concepts such as registration and authentication, and how WebAuthn thwarts modern attacks such as phishing to ensure security and privacy.

After becoming familiar with WebAuthn buiding blocks, such as authenticators, clients, and replying parties, learners will move on to standing up a WebAuthn server and learning the different flows supported by WebAuthn.

Finally, students will review guidance and recommendations for operating a WebAuthn environment, capping off the course with an interactive project giving developers a solid foundation to secure assets and contemplate a passwordless future.

At a glance

  • Institution: W3Cx
  • Subject: Computer Science
  • Level: Introductory
  • Prerequisites:
    • Security key and/or Chrome authenticator (free tool that works on Chrome browser)
    • Have a working knowledge of computer security and authentication, and be familiar with JavaScript and be proficient in writing code
    • Have a working instance of Git and Docker
  • Language: English
  • Video Transcript: English
  • Associated skills: Application Programming Interface (API), Authentications, Phishing

What you'll learn

Skip What you'll learn
  • What is Web Authentication (a.k.a WebAuthn)
  • Key WebAuthn concepts
  • How to create and use Web Authentication credentials
  • Construction of a server infrastructure
  • Understand and deploy server side requirements

Module 1: Introduction to Web Authentication

After completing this module, students will have an understanding of why developing WebAuthn solves issues plaguing current authentication options. Students get a high-level view on how WebAuthn works on the web, along with a look at the code required to support a WebAuthn server.

Module 2: Deploying a WebAuthn server

This module is about deploying a sample WebAuthn Web implementation. It includes hands-on experience with WebAuthn, both in deploying a bare-bones WebAuthn server, as well as integrating WebAuthn into a larger context. Students will replace a username and password log-in using a sample WebAuthn architecture. By the end of this module, students will have the experience necessary to utilize WebAuthn in new deployments as well as retro-fitting existing services

Who can take this course?

Unfortunately, learners residing in one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. edX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.

Interested in this course for your business or team?

Train your employees in the most in-demand topics, with edX For Business.