Glossary
API key
API keys are unique identifiers that authenticate requests to the Passage API. Keys must be created in the Passage console.
App ID
Apps are the fundamental components of Passage. They provide authentication solutions for an isolated collection of users. App IDs are the external identifiers for Passage App IDs. App IDs are neccessary to utilize all Passage backend and client SDKs.
Passage App IDs can be found in the Passage Console on the corresponding app dashboard.
Authentication tokens
Authentication tokens allow users to securely access websites and mobile applications. After successful authentication with Passage Flex, users should be issued an access token. Passage Flex can work with any existing token systems.
External identifier
Numeric or alphanumeric strings used in databases to identify a single entity such as an email address, username, or phone number. Passage will associate a transaction ID with the external identifier you provide.
FIDO alliance
The Fast Identity Online (FIDO) Alliance (opens in a new tab). sets authentication standards that promote strong authentication without the use of passwords. 1Password is an active member of the FIDO Alliance.
Nonce
Also known as cryptographic nonce.
A randomly-generated string to prevent replay attacks. Proves that messages are received by the intended sender and not reused during the authentication process.
Passkey
Passkeys are a form of authentication that eliminates the need for traditional passwords. Utilizing public-key cryptography, passkeys create a unique cryptographic key-pair comprising a public key and a private key stored securely on the user's device and the service provider's server, respectively. Passkeys work seamlessly with biometric authentication methods like Face ID and Touch ID.
Passkey autofill
Also known as conditional mediation or conditional UI.
Allows users to autofill passkeys in designated input fields without triggering the passkey modal UI.
Passkey event
An authentication event, such as a passkey login or registration.
Passkey login
An authentication event to authenticate a user’s passkey during a login or MFA ceremony. A passkey login triggers the WebAuthn authentication flow.
Passkey register
An authentication event to register a new passkey. The passkey may be added to a new account during registration, or to an existing account, for the purpose of authentication or MFA. Multiple passkeys may be enrolled to the same account across different devices and browsers. A passkey register triggers the WebAuthn registration flow.
Transaction
Each WebAuthn registration or authentication session is wrapped in a one-time transaction that identifies the session with the user's external identifier. Passage generates an alpha-numeric string, transaction ID, to identify every transaction.
WebAuthn
Web Authentication API (WebAuthn), published by the World Wide Web Consortium (W3C), standardizes an interface to authenticate using passkeys. Guided by the FIDO Alliance.