https://d946ac66.passkeys-dev.pages.dev/docs/use-cases/Recent content in Use Cases on passkeys.devHugoen-ushttps://d946ac66.passkeys-dev.pages.dev/docs/use-cases/bootstrapping/Mon, 10 Oct 2022 19:52:26 +0000https://d946ac66.passkeys-dev.pages.dev/docs/use-cases/bootstrapping/<h2 id="authenticating-the-user" class="heading ">Authenticating the user<a href="#authenticating-the-user" aria-labelledby="authenticating-the-user"> <svg class="svg-inline--fa fas fa-link anchor" fill="currentColor" aria-hidden="true" role="img" viewBox="0 0 576 512" overflow="visible"><use href="#fas-link"></use></svg>&nbsp; </a> </h2> <p>This section applies when the <a href="https://d946ac66.passkeys-dev.pages.dev/docs/reference/terms#relying-party-rp">Relying Party (RP)</a> does not yet know who is controlling the client device. There is no browser artifact (such as a cookie or a credential ID in local storage) available to the RP, although for now we assume that the user has an existing account with the RP.</p> <p>To bootstrap an account, serve the user a sign-in page.</p>https://d946ac66.passkeys-dev.pages.dev/docs/use-cases/reauth/Mon, 10 Oct 2022 19:52:16 +0000https://d946ac66.passkeys-dev.pages.dev/docs/use-cases/reauth/<p>Reauthentication might happen for the following reasons:</p> <ul> <li>The user signed out and now wants to sign in again</li> <li>The user session expired due to inactivity, and the user wants to sign in again</li> <li>The user is about to perform a sensitive action, and needs to re-confirm control over the user session</li> </ul> <p>You’ll use passkeys that you set up in the <a href="https://d946ac66.passkeys-dev.pages.dev/docs/use-cases/bootstrapping/">previous section</a> to reauthenticate the user in each of these situations. The WebAuthn API call is the same in all three cases, but the UI treatment that you provide is slightly different. Since the particular account is specified by you, the platform will not offer the user to select a different account on your service.</p>