About this site

Who built it, and why

passkeydemo.com is a free tech demo built by Precisit. It costs us a little to run and some of our time to maintain, and what we get out of it is straightforward: visibility with an audience of developers who care about how authentication actually works under the hood. There's no sign-up, no data collection beyond what's needed to run the demos themselves, and every demo account self-destructs within 24 hours.

What it deliberately isn't

Not a production auth starter kit — there's no account recovery, no password fallback, no MFA orchestration. Not an enterprise attestation or FIDO metadata deep-dive. Not a CTAP2 protocol reference. Just first-principles passkey ceremonies, shown as real, running code.

How it's built

The site is Astro, static-output, with Preact islands for the live demos — most of each page ships zero JavaScript. Client-side WebAuthn code is deliberately raw navigator.credentials.*, not wrapped in a helper library, because the point of this site is seeing that API directly.

The API is Hono, running on AWS Lambda behind CloudFront and API Gateway, using @simplewebauthn/server for ceremony verification. Demo accounts, credentials, and sessions live in a single DynamoDB table with a 24-hour TTL.

Every code snippet shown across this site is pulled directly from the running source at build time — never hand-copied — so it can't drift from what's actually deployed. The "Ceremony Inspector" on every demo decodes the real WebAuthn response independently on both the client and the server, side by side, rather than presenting a single summary either one claims to be true.

Feedback

Found something wrong, confusing, or out of date? Reach out via precisit.com.