Identity System Overview
The Crate Identity System provides a secure, flexible, and robust authentication architecture out-of-the-box. It simplifies the process of securely identifying and managing users for your application without locking you into rigid architectures.
Supported Authentication Methods
Crate handles multiple layers of modern authentication:
- Passkeys (WebAuthn): The primary, modern authentication method offering high security via hardware and software authenticators. Crate handles the full WebAuthn challenge and assertion lifecycle.
- Magic Links: A passwordless fallback for users who don’t have passkeys or need to recover their accounts. Magic link generation is managed via the backend SDK, allowing you to use your preferred email or SMS delivery provider.
- Passwords: Traditional password-based registration and login flows.
Architecture Approach
Crate separates authentication operations cleanly between the Frontend JS SDK and the Backend Connect API.
- Frontend JS SDK (
CrateIdentityJS): Simplifies the browser interactions for Passkeys (navigator.credentials), orchestrating the/beginand/finishsteps of the ceremony. - Backend SDK/API: Handles sensitive operations like generating Magic Links. Since Crate does not prescribe a delivery method for emails or texts, developers use the backend to generate tokens securely and dispatch them through their own infrastructure.
For detailed integration steps, continue to the Authentication guide.