Android
Local Authenticator
(create and use passkeys from the local device)
SupportedExternal Authenticator
(create and use passkeys from another device)
PlannedOverview
The platform authenticator in Android 9+ has the following capabilities:
- creating and using passkeys that are backed up to Google Password Manager
- using a passkey from the local Android device to sign into services on another device (such as a laptop or desktop), using FIDO Cross-Device Authentication
Cross-Device Authentication
Android devices can be an authenticator for FIDO Cross-Device Authentication (CDA).
Android devices can be persistently linked to the browsers/platforms below:
- Chrome OS
- Chrome on Windows 10 & 11
- Edge on Windows 10 & 11
- Chrome on macOS
- Edge on macOS
- Chrome on Ubuntu
- Edge on Ubuntu
macOS (Safari and native apps), iOS (global), and iPadOS (global) do not support persistent linking.
When an authenticator is not persistently linked, a QR code must be scanned on every use.
Platform Notes
- Credential Manager is a new Android Jetpack API that supports multiple sign-in methods, including passkeys, in a single API, thus simplifying the integration for developers.
Resources
Docs
- Adding passkeys support to native Android apps: User authentication with passkeys
- Security of Passkeys in the Google Password Manager
Videos
- Passkeys: a simpler and safer sign-in (Google I/O 2023)
- Reduce reliance on passwords in Android apps with passkey support (Google I/O 2023)
- Learn how to implement passkeys with form autofill in a web app(Google I/O 2023)
Sample Code
Community Resources
Last Updated: Jul 27, 2023