@thru/passkey
Advanced tools
Cross-platform passkey helpers for Thru applications.
npm install @thru/passkey
@thru/passkey/web - browser/WebAuthn registration and signing@thru/passkey/popup - popup bridge/protocol helpers for embedded browser flows@thru/passkey/mobile - React Native/mobile passkey and secure-storage helpers@thru/passkey/auth - higher-level app auth/store helpers@thru/passkey/server - backend wallet/challenge/submit helpersThe root import path is deprecated:
import { registerPasskey } from '@thru/passkey';
Use explicit entry points instead:
import { registerPasskey } from '@thru/passkey/web';
The root path remains as a temporary compatibility shim and will be removed after downstream consumers migrate.
This package requires a browser environment with WebAuthn support (navigator.credentials).
import { registerPasskey } from '@thru/passkey/web';
const result = await registerPasskey('alice', 'user-id-123', 'example.com');
import { signWithPasskey } from '@thru/passkey/web';
const challenge = new Uint8Array(32);
const result = await signWithPasskey(credentialId, challenge, 'example.com');
import { signWithStoredPasskey } from '@thru/passkey/web';
import type { PasskeyMetadata, PasskeyPopupContext } from '@thru/passkey/web';
const preferredPasskey: PasskeyMetadata | null = null;
const allPasskeys: PasskeyMetadata[] = [];
const context: PasskeyPopupContext = {
appName: 'My App',
origin: 'https://app.example.com',
};
const result = await signWithStoredPasskey(
challenge,
'example.com',
preferredPasskey,
allPasskeys,
context
);
import {
isWebAuthnSupported,
preloadPasskeyClientCapabilities,
getPasskeyClientCapabilities,
shouldUsePasskeyPopup,
} from '@thru/passkey/web';
Use the popup helpers when your browser app needs a separate approval window for embedded or iframe-based passkey flows.
import {
openPasskeyPopupWindow,
requestPasskeyPopup,
closePopup,
PASSKEY_POPUP_PATH,
PASSKEY_POPUP_CHANNEL,
} from '@thru/passkey/popup';
import {
buildSuccessResponse,
decodeChallenge,
getResponseError,
toPopupSigningResult,
} from '@thru/passkey/popup';
Communication between parent and popup uses postMessage with BroadcastChannel as a fallback. The popup path defaults to /passkey/popup.
@thru/passkey/web re-exports the browser-side encoding and crypto helpers used by the wallet today, including:
bytesToHexhexToBytesbytesToBase64bytesToBase64Urlbase64UrlToBytesarrayBufferToBase64Urlbase64UrlToArrayBufferKey web types exported from @thru/passkey/web:
PasskeyRegistrationResultPasskeySigningResultPasskeyDiscoverableSigningResultPasskeyStoredSigningResultPasskeyMetadataPasskeyClientCapabilitiesPasskeyPopupContextKey popup types exported from @thru/passkey/popup:
PasskeyPopupRequestPasskeyPopupResponsePasskeyPopupSigningResultPasskeyPopupStoredSigningResultPasskeyPopupAccountFAQs
Cross-platform passkey helpers for Thru applications.
The npm package @thru/passkey receives a total of 530 weekly downloads. As such, @thru/passkey popularity was classified as not popular.
We found that @thru/passkey demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.
Security News
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.