Key Concepts
There are a few key concepts that are important to understand when working with Liquid Auth.
The main concepts are Linking
, Passkeys
, and Peer-to-Peer
.
See the full details in the Architecture Reference.
π Linking
A link will authorize a remote client to access the service.
This is done by generating a RequestId
and waiting for a device to attest a Passkey.
π Passkeys
Passkeys are also known as FIDO2/WebAuthn PublicKeyCredential. This KeyPair is used to register or authenticate a user and is generated by an authenticator device.
FIDO2 Extension
Authenticators must also support the Liquid Extension
which is used to attest a KeyPair
not controlled by the authenticator.
This extension attaches an additional signature to the credential to associate the KeyPair
with the Passkey
.
The extension also includes an optional requestId
which is used to link the KeyPair
to a specific session.
When two clients are linked, they can establish a peer-to-peer connection.
π Peer-to-Peer
WebRTC is used for establishing a peer-to-peer connection between two clients.
Offer
Session Description Protocol (SDP) message sent from the client to the server. The offer contains information about the clientβs media capabilities and information about the datachannel.
Answer
Session Description Protocol (SDP) message sent back to a client who created the Offer. An Answer client can then use this information to generate an answer, which is sent back to the offer client.
Candidate
ICE Candidate is a network address that can be used to communicate with the peer.