Concepts

The FIDO alliance is an open industry association that produces authentication standards and certifications for password-less scenarios. There are currently three sets of specifications that have been published:

• FIDO Universal Second Factor (FIDO U2F)
• FIDO Universal Authentication Framework (FIDO UAF)
• FIDO2

The FIDO2 specification includes the W3C's Web Authentication (WebAuthn) specification and FIDO Client to Authenticator Protocol (CTAP). The WebAuthn specification defines the interactions between a Client and a Relying Party, whereas the CTAP protocol is between an Authenticator and a Client.

The Relying Party is the service that is requesting authentication.

A Client is a web browser or operating system.

An Authenticator can be a device or program that performs cryptographic operations to provide verification for a user.

• WebAuthn Ceremonies
  
• Attestation
  
• Public Key Algorithms
  
• Metadata
  

Parent topic: FIDO and WebAuthn Support