docs improv

Author: niftyvictor

v3/docs/authentication/webauthn/_category_.json

@@ -1,4 +1,4 @@
 {
-	"label": "Passkey Authentication",
+	"label": "Passkeys",
 	"position": 7
 }

v3/docs/authentication/webauthn/customise-credential-validation.mdx

@@ -12,17 +12,21 @@ The WebAuthN flow allows the user to customise the way credentials are generated
 
 For example, in the case of a banking app, the user may want to use a YubiKey to generate and validate credentials. In this case, the user may want to use a required PIN or a biometric factor to validate the credential.
 
-TODO: Add correct link
-Most of the customisation is done through function overrides. You can find more details about how they work here: [Overrides](https://deploy-preview-869--starlit-elf-06ee1a.netlify.app/docs/references/sdks/functions-overrides/backend-functions-override).
+Most of the customisation is done through function overrides. You can find more details about how they work here: [Overrides](/docs/references/sdks/functions-overrides/backend-functions-override).
 
 ## Recipe Configuration
 
-TODO: Add correct link
-The recipe configuration is done by the `init` function. You can find more details about the recipe configuration here: [Recipe Configuration](#).
+The recipe configuration is done by the `init` function. You can find more details about the recipe configuration here: [Recipe Configuration](https://supertokens.com/docs/nodejs/modules/recipe_webauthn.html#init).
 
 When configuring the recipe, you can pass the following options:
-- **Relying Party**: Details about the entity for which the credential is being generated. This includes the domain name (Relying Party ID) and display name (Relying Party Name) of your application that will be shown to the user during authentication. The Relying Party ID defaults to the API domain (`apiBasePath`) and the Relying Parth Name defaults to the application name (`appName`).
-- **Origin**: The origin URL that the credential is generated on. Defaults to the origin of the request.
+
+| Option | Key Name | Description | Default Value |
+|--------|----------|-------------|---------------|
+| Relying Party ID | `getRelyingPartyId` | The domain name of your application that will be shown to the user during authentication | API domain (`apiBasePath`) |
+| Relying Party Name | `getRelyingPartyName` | The display name of your application that will be shown to the user during authentication | Application name (`appName`) |
+| Origin | `getOrigin` | The origin URL that the credential is generated on | Origin of the request |
+
+All of the above options are optional and if not provided, the recipe will use the default values. For more details on the default values, please refer to the [Recipe Configuration](https://supertokens.com/docs/nodejs/modules/recipe_webauthn.html#init) documentation.
 
 ```ts
 import supertokens from "supertokens-node";
@@ -69,14 +73,17 @@ The credential is generated based on a set of options that you can pass to the `
 
 The possible configurable options are:
 
-- **Relying Party**: Details about the entity for which the credential is being generated. This includes the domain name (Relying Party ID) and display name (Relying Party Name) of your application that will be shown to the user during authentication. The Relying Party ID defaults to the API domain (`apiBasePath`) and the Relying Parth Name defaults to the application name (`appName`).
-- **Origin**: The origin URL that the credential is generated on. Defaults to the origin of the request.
-- **Timeout**: The time in milliseconds that the user has to complete the credential generation process. Defaults to `6000`.
-- **Attestation**: Controls how much information about the authenticator is included in the attestation statement. This controls what authenticators are supported. Defaults to `none`.
-- **Supported Algorithms**: The cryptographic algorithms that can be used for generating credentials. Different authenticators support different algorithms. Defaults to `[-8, -7, -257]`.
-- **Resident Key**: Whether the credential should be stored on the authenticator device. Defaults to `required`.
-- **User Verification**: Controls whether user verification (like PIN or biometrics) is required. Defaults to `preferred`.
-- **User Display Name**: The display name of the user. Defaults to the `email` field.
+| Option | Key Name | Description | Default Value |
+|--------|----------|-------------|---------------|
+| Relying Party ID | `relyingPartyId` | The domain name of your application that will be shown to the user during authentication. | API domain (`apiBasePath`) |
+| Relying Party Name | `relyingPartyName` | The display name of your application that will be shown to the user during authentication. | Application name (`appName`) |
+| Origin | `origin` | The origin URL that the credential is generated on. | Origin of the request |
+| Timeout | `timeout` | The time in milliseconds that the user has to complete the credential generation process. | `6000` |
+| Attestation | `attestation` | Controls how much information about the authenticator is included in the attestation statement. This controls what authenticators are supported. | `none` |
+| Supported Algorithms | `supportedAlgorithms` | The cryptographic algorithms that can be used for generating credentials. Different authenticators support different algorithms. | `[-8, -7, -257]` |
+| Resident Key | `residentKey` | Whether the credential should be stored on the authenticator device. | `required` |
+| User Verification | `userVerification` | Controls whether user verification (like PIN or biometrics) is required. | `preferred` |
+| User Display Name | `displayName` | The display name of the user. | `email` field |
 
 Below is an example of how you can customise the credential generation options.
 
@@ -133,10 +140,13 @@ supertokens.init({
 
 When a user attempts to login using a WebAuthN credential, the credential is used for signing a challenge through the client using `navigator.credentials.get` function. The options for signing the challenge are generated on the server through the SDK and defined how the authentication will take place:
 
-- **Relying Party ID**: The domain name (Relying Party ID) of your application that will be used for validating the credential.
-- **Origin**: The origin URL that the credential is generated on. Defaults to the origin of the request.
-- **Timeout**: The time in milliseconds that the user has to complete the credential validation process. Defaults to `6000`.
-- **User Verification**: Controls whether user verification (like PIN or biometrics) is required. Defaults to `preferred`.
+| Option | Key Name | Description | Default |
+|--------|----------|-------------|---------|
+| **Relying Party ID** | `relyingPartyId` | The domain name of your application that will be used for validating the credential. | - |
+| **Relying Party Name** | `relyingPartyName` | The human-readable name of your application. | - |
+| **Origin** | `origin` | The origin URL that the credential is generated on. | Origin of the request |
+| **Timeout** | `timeout` | The time in milliseconds that the user has to complete the credential validation process. | `6000` |
+| **User Verification** | `userVerification` | Controls whether user verification (like PIN or biometrics) is required. | `preferred` |
 
 Below is an example of how you can customise the credential generation options.
 

v3/docs/authentication/webauthn/initial-setup.mdx

@@ -6,6 +6,20 @@ sidebar_position: 2
 
 import { UIType } from "/src/components/UITypeSwitch";
 
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+import {
+    FrontendPrebuiltUITabs,
+    BackendTabs,
+    FrontendCustomUITabs,
+    ReactRouterVersionTabs,
+} from "/src/components/Tabs";
+import { AppInfoForm } from "/src/components/Forms";
+import { NodePackageManagerCard, JavascriptHttpLibraryCard, NpmOrScriptsCard, MobileFrameworksCard } from "/src/components/Cards";
+import { Question, Answer } from "/src/components/Question";
+import { ReferenceCard } from "/src/components/Cards";
+import ReactRouterCallout from "/docs/_blocks/react-router-callout.mdx";
+
 # Quickstart
 
 ## Overview
@@ -14,8 +28,9 @@ This page will show you how to add the WebAuthn recipe to your project. The tuto
 
 ## Before you start
 
--- important note --
-These intructions assume that you already have gone through our main quickstart guide. If you have skipped that page please follow the tutorial and return here once you're done.
+:::info Note
+These instructions assume that you already have gone through our main quickstart guide. If you have skipped that page please follow the tutorial and return here once you're done.
+:::
 
 
 ## Steps 
@@ -24,22 +39,122 @@ These intructions assume that you already have gone through our main quickstart
 
 <UIType.PrebuiltUIContent>
 
-prebuilt
 
+### 1. Initialize the Frontend SDK
+
+<FrontendPrebuiltUITabs showMobileTab>
+    <FrontendPrebuiltUITabs.TabItem value="reactjs">
+#### 1.1 Add the `Webauthn` recipe in your main configuration file.
+
+```tsx
+import React from 'react';
+
+import SuperTokens, { SuperTokensWrapper } from "supertokens-auth-react";
+// highlight-next-line
+import Webauthn from "supertokens-auth-react/recipe/webauthn";
+import Session from "supertokens-auth-react/recipe/session";
+
+SuperTokens.init({
+    appInfo: {
+        // learn more about this on https://supertokens.com/docs/references/app-info
+        apiDomain: "",
+        apiBasePath: "",
+        appName: "...",
+    },
+    recipeList: [
+        // highlight-start
+        WebAuthn.init(),
+        // highlight-end
+        Session.init()
+    ]
+});
+```
+
+#### 1.2 Include the pre-built UI components in your application.
+
+In order for the **pre-built UI** to render inside your application, you have to specify which routes show the authentication components.
+The **React SDK** uses [**React Router**](https://reactrouter.com/en/main) under the hood to achieve this.
+Based on whether you already use this package or not in your project, there are two different ways of configuring the routes.
+
+        <Question question="Do you use react-router-dom?" defaultAnswer="Yes">
+            <Answer title="Yes">
+```tsx
+import React from 'react';
+import {
+    BrowserRouter,
+    Routes,
+    Route,
+    Link
+} from "react-router-dom";
+
+// highlight-next-line
+import { WebauthnPreBuiltUI } from 'supertokens-auth-react/recipe/webauthn/prebuiltui';
+import SuperTokens, { SuperTokensWrapper } from "supertokens-auth-react";
+import { getSuperTokensRoutesForReactRouterDom } from "supertokens-auth-react/ui";
+import * as reactRouterDom from "react-router-dom";
+
+class App extends React.Component {
+    render() {
+        return (
+            <SuperTokensWrapper>
+                <BrowserRouter>
+                    <Routes>
+                        {/*This renders the login UI on the ^{appInfo.websiteBasePath} route*/}
+                        // highlight-next-line
+                        {getSuperTokensRoutesForReactRouterDom(reactRouterDom, [WebauthnPreBuiltUI])}
+                        {/*Your app routes*/}
+                    </Routes>
+                </BrowserRouter>
+            </SuperTokensWrapper>
+        );
+    }
+}
+```
+
+                <ReactRouterCallout />
+            </Answer>
+            <Answer title="No">
+
+```tsx
+import React from 'react';
+import SuperTokens, { SuperTokensWrapper } from "supertokens-auth-react";
+// highlight-next-line
+import { WebauthnPreBuiltUI } from 'supertokens-auth-react/recipe/webauthn/prebuiltui';
+import { canHandleRoute, getRoutingComponent } from "supertokens-auth-react/ui";
+
+class App extends React.Component {
+    render() {
+        // highlight-start
+        if (canHandleRoute([WebauthnPreBuiltUI])) {
+            // This renders the login UI on the ^{appInfo.websiteBasePath} route
+            return getRoutingComponent([WebauthnPreBuiltUI])
+        }
+
+        // highlight-end
+
+        return (
+            <SuperTokensWrapper>{/*Your app*/}</SuperTokensWrapper>
+        );
+    }
+}
+```
+            </Answer>
+        </Question>
+    </FrontendPrebuiltUITabs.TabItem>
+</FrontendPrebuiltUITabs>
 </UIType.PrebuiltUIContent>
 
 <UIType.CustomUIContent>
 
-### 1. Initialize the Frontend SDK
-
+#### 1.1 Add the `Webauthn` recipe in your main configuration file.
 
 Call the SDK init function at the start of your application. The invocation includes the main configuration details, as well as the recipes that you will be using in your setup.
 
 - Web
 ```ts
 import SuperTokens from 'supertokens-web-js';
 import Session from 'supertokens-web-js/recipe/session';
-import WebAuthN from 'supertokens-web-js/recipe/webauthn'
+import Webauthn from 'supertokens-web-js/recipe/webauthn'
 
 SuperTokens.init({
     appInfo: {
@@ -49,17 +164,12 @@ SuperTokens.init({
     },
     recipeList: [
         Session.init(),
-        WebAuthN.init(),
+        Webauthn.init(),
     ],
 });
 ```
 
-### 2. Add the Authentication UI
-
-The following section will demonstrate you what aspects you need to cover in order to implement the UI for the WebAuthN flow.
-
-
-#### 2.1 Add the Signup Form
+#### 1.2 Add the Signup Form
 
 You will have to first add the UI elements which will render your form. When the users submits the form you will have to call the following API to create the credential and send it to the backend in order to create the user and store the credential.
 
@@ -111,7 +221,7 @@ async function signUp(email: string) {
 }
 ```
 
-#### 2.2 Add the Login Form
+#### 1.3 Add the Login Form
 
 You will have to first add the UI elements which will render your form. When the users submits the form you will have to call the following API to use the credential and send the response to the backend in order to login the user.
 
@@ -155,12 +265,13 @@ async function signIn(email: string) {
     }
 }
 ```
+</UIType.CustomUIContent>
 
-### 3. Initialize the Backend SDK
+### 2. Initialize the Backend SDK
 
 You will have to intialize the Backend SDK alongside the code that starts your server. The init call will include configuration details for your app, how the backend will connect to the SuperTokens Core, as well as the Recipes that will be used in your setup.
 
-For the WebAuthN recipe, you can also specify the following optional parameters: 
+For the WebAuthN recipe, you can also specify the following optional parameters:
 - `emailDelivery`: Configure how verification emails are sent to users. You can use the default email service or integrate your own email delivery provider.
 
 - `getRelyingPartyId`: Set the domain name that will be associated with the WebAuthn credentials (e.g. "example.com"). This helps ensure credentials can only be used on your domain. It defaults to the origin domain.
@@ -195,22 +306,12 @@ supertokens.init({
         websiteBasePath: "/auth",
     },
     recipeList: [
-        WebAuthN.init({
-            getRelyingPartyId: () => {
-                return '<YOUR_API_DOMAIN>';
-            },
-            getRelyingPartyName: () => {
-                return '<YOUR_APP_NAME>';
-            },
-        }),
-        Session.init() 
+        WebAuthN.init(),
+        Session.init()
     ]
 });
 ```
 
-</UIType.CustomUIContent>
-
-
 ## Next Steps
 
 Now that you have completed the main setup you can explore more advanced topics related to the WebAuthN recipe.

v3/docs/authentication/webauthn/introduction.mdx

@@ -31,16 +31,8 @@ Key aspects of passkeys include:
 
 - **Platform Integration**: Passkeys are deeply integrated into operating systems and browsers, providing a seamless experience across different platforms and devices
 
-- **Enhanced Security**: 
-  - End-to-end encryption during syncing
-  - Phishing-resistant by design
-  - Based on public key cryptography
-  - Protected by biometric authentication or device PIN
-
 - **Improved User Experience**:
-  - No passwords to remember
   - Automatic syncing between devices
-  - Quick and easy authentication using biometrics
   - Familiar system UI for authentication
 
 While passkeys and WebAuthn credentials share the same underlying technology, passkeys add the convenience of cross-device availability while maintaining the strong security guarantees of WebAuthn.
@@ -51,7 +43,9 @@ Before diving into WebAuthn implementation, it's important to understand the key
 
 For a more detailed explanation of the WebAuthn specification, you can refer to the [WebAuthn specification](https://www.w3.org/TR/webauthn/).
 
-Note: Throughout our documentation, the terms "passkey" and "credential" are used interchangeably, though they have subtle technical differences explained below.
+:::info Note
+Throughout our documentation, the terms "passkey" and "credential" are used interchangeably, though they have subtle technical differences explained below.
+:::
 
 - **Passkey**: A user-friendly term for WebAuthn credentials that are synced across a user's devices. Passkeys are:
   - More convenient than traditional credentials as they sync automatically
@@ -89,7 +83,6 @@ Note: Throughout our documentation, the terms "passkey" and "credential" are use
 
 The WebAuthn feature in SuperTokens provides:
 
-- Complete implementation of the WebAuthn standard
 - Support for platform authenticators (biometric sensors) and roaming authenticators (security keys)
 - Automatic handling of device registration and authentication
 - Integration with other SuperTokens features