Self-sovereign authentication for the web
A secure and usable alternative to passwords and federation-based user authentication schemes that leverages public key cryptography to enable a scalable user and developer experience.
Why use ssasy?

No more complex user authentication flows

Security should be easy. With ssasy, you can authenticate your users in two simple lines of code.

No need to handle sensitive user credentials

User credentials, like passwords, paint a target on your application. ssasy allows you to authenticate users without handling user credentials thanks to public key cryptography, a cryptographic protocol that allows two parties to exchange messages without the need to share their sensitive credentials.

No more relying on third party authentication services

Third-party authentication services are great, but they are not always reliable or transparent about how they handle your users' data. ssasy enables a self-sovereign, decentralized and open-source authentication experience for your application and users by leveraging cryptographic concepts like public key cryptography and digital signatures.

This project is open-source

ssasy is open-source which means that you can inspect the code and verify that your data is in good hands. You can also contribute to ssasy and help make it better by submitting feedback, bug reports and code contributions.

How to use ssasy!

1. Install the core library

The core library allows you to authenticate users in a usable and secure manner.


npm install @ssasy-auth/core

2. Set up your server-side authentication

ssasy uses a cryptographic key to authenticate users to web applications. Check out the @ssasy-auth/core repository to learn how to create, import and manage your cryptographic key.


import { KeyModule, Wallet } from '@ssasy-auth/core';
// generate a new private key
const privateKey = await KeyModule.generatePrivateKey();

// create a wallet
const wallet = new Wallet(privateKey);
// generate a challenge for the user (the challenge is used to verify that the user has access to the private key)
const userPublicKey = '...';
const challenge = await wallet.generateChallenge(userPublicKey);

// ... send the challenge to the user and wait for the user to respond
const challengeResponse = '...';
// returns the user's public key if the challenge response is valid, otherwise it throws an error
const result = await wallet.verifyChallenge(challengeResponse);

3. Install the client library

The client library allows you to authenticate users in a usable and secure manner.


npm install @ssasy-auth/extension

4. Set up your client-side authentication flow

ssasy uses a browser extension to authenticate users to web applications. The browser extension exposes a client-side API that allows web applications to request public keys and initiate authentication flows. Check out the @ssasy-auth/extension repository to learn how to use the client-side API.


import { Bridge } from '@ssasy-auth/extension';

// check if the extension is installed
const extensionInstalled = await Bridge.isExtensionInstalled(); // returns true or false
// request the user's public key
const requestMode = 'login'; // or 'registration'
const publicKey = await Bridge.requestPublicKey(requestMode); // returns the user's public key
// request a challenge response from the user
const challenge = '...'; // the challenge generated by your server in step 2
const challengeResponse = await Bridge.requestSolution(requestMode, challenge); // returns the challenge response

5. You're all set!

Enable your users to authenticate in a usable, secure and self-sovereign manner with ssasy.
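
The challenge-response exchange behind steps 2 and 4, as an added example built on Node's crypto module; it is not ssasy's code or wire format. The function names, the Ed25519 signature scheme, the 60-second lifetime and the https://app.example origin are assumptions made for illustration.

```javascript
// Added illustration: generic signature-based challenge-response, not ssasy's wire format.
// Loads node:crypto from either CommonJS or ES module scope.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto') : process.getBuiltinModule('node:crypto');

const TTL_MS = 60_000;      // assumed challenge lifetime
const pending = new Map();  // nonce -> { challenge, publicKeyPem, expires }

// Server: issue a single-use challenge bound to the claimed public key and origin.
function issueChallenge(publicKeyPem, origin, now = Date.now()) {
  const nonce = nodeCrypto.randomBytes(32).toString('base64url');
  const challenge = JSON.stringify({ nonce, origin, expires: now + TTL_MS });
  pending.set(nonce, { challenge, publicKeyPem, expires: now + TTL_MS });
  return challenge;
}

// Client: refuse challenges naming another origin, then sign the exact bytes.
function signChallenge(challenge, privateKey, expectedOrigin) {
  if (JSON.parse(challenge).origin !== expectedOrigin) throw new Error('origin mismatch');
  return nodeCrypto.sign(null, Buffer.from(challenge), privateKey).toString('base64url');
}

// Server: check single use, freshness and signature; return the proven public key.
function verifyResponse(nonce, signature, now = Date.now()) {
  const entry = pending.get(nonce);
  pending.delete(nonce); // consume first so a response can never be replayed
  if (!entry) throw new Error('unknown or replayed challenge');
  if (now > entry.expires) throw new Error('challenge expired');
  // Verify over the stored challenge, not a copy supplied with the response.
  const ok = nodeCrypto.verify(null, Buffer.from(entry.challenge),
    entry.publicKeyPem, Buffer.from(signature, 'base64url'));
  if (!ok) throw new Error('invalid signature');
  return entry.publicKeyPem;
}

// Constructed demo: an Ed25519 key generated here stands in for the user's key.
function demo() {
  const user = nodeCrypto.generateKeyPairSync('ed25519');
  const pem = user.publicKey.export({ type: 'spki', format: 'pem' });
  const challenge = issueChallenge(pem, 'https://app.example');
  const { nonce } = JSON.parse(challenge);
  const sig = signChallenge(challenge, user.privateKey, 'https://app.example');
  const accepted = verifyResponse(nonce, sig) === pem;
  let replayRejected = false;
  try { verifyResponse(nonce, sig); } catch { replayRejected = true; }
  return { accepted, replayRejected };
}
```

The server only ever stores the user's public key; the private key signs on the client and is never transmitted.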

Curious about the ssasy extension?