Web Authentication (WebAuthn) is a W3C Recommendation that defines a browser API for strong, public-key-based authentication using authenticators such as security keys and platform biometrics. With FIDO2 CTAP it enables passwordless and phishing-resistant login.