@rajeev02/kavach-web
v1.0.4
Published
Unified SDK for Kavach ID and Kavach Shield Engine integration
Maintainers
Readme
@rajeev02/kavach-web
Browser SDK for the Kavach Shield Engine - WebAuthn & FIDO2 integration.
TL;DR
The Kavach Web SDK provides seamless integration with browser-based WebAuthn and FIDO2 standards.
Who should use it: Frontend engineers building React, Vue, or Vanilla JS web applications who want to implement passwordless authentication (TouchID, Windows Hello, YubiKeys).
Quickest way to get started:
npm install @rajeev02/kavach-webTable of Contents
(For global architecture, CI/CD, and security guidelines, see the Root README)
Overview
Problem Statement: Complex WebAuthn cryptography is difficult to implement in the browser. Technical Value: Reduces WebAuthn flows into a single, elegant API call. Target Users: Web Developers.
Features
| Feature | Description | Status | | ------- | ----------- | ------ | | WebAuthn/FIDO2 Ready | Instantly trigger native browser biometric prompts. | Stable | | Device Fingerprinting | Generates robust, privacy-preserving client identifiers. | Stable | | Risk-Based Step-Up | Automatically challenges the user for biometrics. | Stable |
Compatibility Matrix
| Component | Supported Version | | :--- | :--- | | Node.js | 18.x, 20.x, 22.x (for SSR) | | Browsers | Chrome 67+, Safari 13+, Edge 18+ |
Quick Start
Install
npm install @rajeev02/kavach-webConfigure & Run
import { KavachClient } from '@rajeev02/kavach-web';
const kavach = new KavachClient({
serverUrl: 'https://api.yourdomain.com/kavach'
});Usage
Passwordless Login
async function handleLogin() {
try {
// Triggers TouchID/Windows Hello
const session = await kavach.loginWithBiometrics('[email protected]');
console.log("Securely authenticated!", session.token);
} catch (err) {
console.error("Biometric authentication failed.", err);
}
}Step-Up Authentication (MFA)
async function transferFunds(amount: number) {
const isVerified = await kavach.verifyPresence();
if (isVerified) {
await api.post('/transfer', { amount });
}
}Troubleshooting
- WebAuthn Not Supported: Ensure your site is served over HTTPS. WebAuthn APIs are restricted to secure contexts.
- Cross-Origin Errors: Ensure your backend Kavach server has the correct CORS headers configured.
Documentation
License
Distributed under the MIT License. See LICENSE for more information.
