[10.0.1xx-preview6] Add passkeys to ASP.NET Core Identity #1237
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Marking as "no merge" until tactics approval. |
mmitche
reviewed
Jun 19, 2025
|
Approved in tactics. Leaving as "no merge", as I manually confirmed that this PR is affected by the regression described in dotnet/runtime#116801. |
halter73
approved these changes
Jun 20, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Note: Opening this PR in the VMR because it depends on runtime changes that haven't flown through to dotnet/aspnetcore
Backport of dotnet/aspnetcore#62112
Add passkeys to ASP.NET Core Identity
Adds support for passkey authentication in ASP.NET Core Identity and updates the Blazor Web App template with passkey management and login functionality.
Description
Passkeys are a modern, phishing-resistant authentication method based on the WebAuthn and FIDO2 standards. They provide a significant security improvement over traditional passwords by relying on public key cryptography and device-based authentication. In addition to enhancing security, passkeys offer a more seamless and user-friendly sign-in experience.
There is growing industry momentum behind passkeys as a replacement for passwords. Major platforms and browsers have adopted support, and user expectations are shifting accordingly. Customers building web applications with ASP.NET Core have expressed very strong interest in out-of-the-box support for passkey-based authentication (#53467).
To address this, this PR adds passkey support to the Blazor Web App project template and first-class support for passkeys in ASP.NET Core Identity. Since this is a large and highly-requested feature, it's important to get customer feedback early enough to make follow-ups in subsequent preview releases.
Fixes dotnet/aspnetcore#53467
Customer Impact
New projects created using the Blazor Web App template with authentication enabled will support passkey management and authentication out of the box. Customers can also make use of new Identity APIs enabling passkey management and authentication in existing apps.
Regression?
Not applicable, as this is a new feature.
Risk
The changes are primarily additive in nature and don't alter existing functionality, with the exception of the project template changes. The changes to the Identity store schema only apply when explicitly opted-in to by setting
IdentityOptions.Stores.SchemaVersiontoIdentitySchemaVersions.Version3, meaning existing apps don't need to perform a migration in order to use the latest Identity version.Verification
Packaging changes reviewed?