Authentry – Face ID, Fingerprint & Passkey Login

설명

Passwordless passkey login for WordPress using Face ID, fingerprint, Touch ID, and Windows Hello.

🔐 Passwordless Login Is Here, and It’s Simpler Than You Think

Authentry brings passkey authentication to WordPress. One tap. One glance. Instantly signed in.

No passwords to type. No usernames to remember. No resets, no friction, no phishing.

Passkeys are built on the WebAuthn / FIDO2 standard, the same technology trusted by Google, Apple, and Microsoft. Authentry brings that same enterprise-grade security to any WordPress site, for free.

👆 Your Users Already Know How to Use It

They unlock their phone with a fingerprint or Face ID dozens of times a day. Authentry makes signing into your site feel exactly the same.

Here’s the flow: user taps the Authentry button → confirms with Touch ID, Face ID, Android fingerprint, or Windows Hello → they’re in. That’s it.

Enable usernameless login in settings and they don’t even need to type their email. The site finds their passkey automatically, as effortless as unlocking their phone.

💡 Perfect for: membership sites, WooCommerce stores, subscription platforms, and any audience that expects a fast, modern, mobile-first experience.

✨ Key Features

• 🚫 Zero-password login: tap a fingerprint or glance at the camera to sign in instantly
• 👆 Full biometric support: Face ID, Touch ID, Android fingerprint, and Windows Hello
• 👤 Usernameless sign-in: passkey account discovery lets users skip typing their email entirely, with a smart fallback for unsupported devices
• 🛡️ FIDO2 / WebAuthn compliant: follows the W3C WebAuthn Level 2 specification
• 🔑 ES256 and RS256 support: works with all major authenticator types
• 🛒 Full WooCommerce integration: passkey buttons on login and registration forms, plus a Security Keys tab in My Account
• ⚙️ User profile management: view, rename, and delete passkeys from WP Admin, WooCommerce My Account, or any page via the [authentry_manage] shortcode
• 📌 Three ready-to-use shortcodes: [authentry_button] to sign in, [authentry_register] to add a passkey, [authentry_manage] for the full management UI
• 🧰 Developer-friendly hooks: filters and actions for complete customization
• 🎨 Tabbed settings page: General, Appearance, Security, Advanced, and Integration
• ⏱️ Rate limiting: transient-based, 10 requests per IP per minute
• 🔄 Replay attack protection: sign count strictly enforced per credential
• 🌙 Dark mode support: full CSS dark mode included out of the box

🌐 Supported Browsers

• Chrome 67+ (desktop and Android)
• Safari 16+ (macOS and iOS)
• Firefox 60+
• Microsoft Edge 18+
• Samsung Internet 9.0+

📋 Shortcode Reference

Sign-In Button (guests)

[authentry_button label="Sign in with Passkey" style="default" redirect="" class=""]

Add a Passkey (logged-in users only)

[authentry_register label="Add a passkey" style="default" class="" reload="1"]

Omit label to use the value set in Appearance settings. Set reload="0" to stay on the page after a successful registration.

Full Passkey Management UI (logged-in users only)

[authentry_manage class="" title=""]

Lists all passkeys with rename, delete, and add controls, the same UI shown in WooCommerce My Account and the WP Admin profile page. Scripts load automatically.

Shortcode Attributes – [authentry_button]

• label: button text (default: from Appearance settings)
• style: default, outline, or ghost
• redirect: URL to send the user after a successful login
• class: additional CSS class names

Shortcode Attributes – [authentry_register]

• label: button text (default: from Appearance settings)
• style: default, outline, or ghost
• class: extra CSS class on the wrapper
• reload: 1 (default) reloads the page after registration; 0, false, or no stays on the current page

Shortcode Attributes – [authentry_manage]

• class: extra CSS class on the wrapper
• title: optional section heading (default: “Security Keys”; also filterable via authentry_manage_heading)

🔧 Custom Login Pages

Already have a custom login page? No problem. Just drop the Authentry button in and keep your existing form. No need to rebuild anything.

✅ Recommended: Shortcode

1. Edit your custom login page

2. Add a Shortcode block:

   [authentry_button]

3. Optionally, pass attributes:

   [authentry_button label=”Sign in with Passkey” redirect=”https://yoursite.com/my-account/” style=”outline”]

Authentry automatically enqueues its CSS and JavaScript on standard front-end pages. No extra setup needed.

Alternative: PHP Template

In your login template file:

do_action( 'authentry_render_button', [ 'redirect' => home_url( '/my-account/' ) ] );

Any missing keys fall back to your Authentry > Appearance and General settings.

Username / Email Field (non-usernameless flow)

When usernameless login is off, or when a browser falls back from discovery mode, Authentry looks for a username or email field using these selectors:

• #user_login (WordPress default)
• input[name="username"]
• input[name="email"]

If the field is already filled when the user clicks the button, that value is sent automatically. If it’s empty, the user is prompted. With usernameless login on, users can often sign in without typing anything at all.

Let Users Manage Their Passkeys

On any member dashboard or account page (logged-in users), add the full management UI:

[authentry_manage]

Or just the “Add a passkey” button with no list:

[authentry_register]

In a theme template:

do_action( 'authentry_render_manage', [ 'title' => 'Security Keys' ] );

Page Builders & Late-Rendered Output

If the button is printed after wp_enqueue_scripts, for example in some page builders or AJAX-loaded forms, fire this hook once before output:

do_action( 'authentry_enqueue_public_assets' );

The [authentry_register] and [authentry_manage] shortcodes handle this automatically. Use the same hook in custom templates if styles or scripts appear to be missing.

Redirects & Customization

• Per-button redirect: redirect attribute on [authentry_button], or the redirect key in authentry_render_button
• Global redirect: Authentry > General > Redirect URL after login, or the authentry_redirect_url filter
• Button HTML: authentry_button_html filter

For Developers

See Authentry > Integration in the admin for the full reference of shortcodes, actions, filters, and REST API endpoints (/wp-json/authentry/v1/...). The global window.Authentry object is also available for advanced JavaScript integrations.

Hook-Only Example (theme login template)

Step 1 – In your login markup:

do_action( 'authentry_render_button', [ 'context' => 'my-theme-login' ] );

Step 2 – In functions.php or your login class:

add_filter( 'authentry_login_username_selectors', function( $selectors ) {
    $selectors[] = '#my-login-email';
    return $selectors;
} );

add_filter( 'authentry_redirect_url', function( $url, $user ) {
    return home_url( '/account/' );
}, 10, 2 );

🧑‍💻 Developer Hooks

Actions – Render UI in Theme Templates

do_action( 'authentry_render_button', $args );
do_action( 'authentry_render_manage', [ 'class' => '', 'title' => '' ] );
do_action( 'authentry_render_passkey_reminder', [ 'context' => 'member-dashboard' ] );

Filters

• authentry_creation_options: modify WebAuthn credential creation options
• authentry_request_options: modify WebAuthn authentication request options
• authentry_redirect_url: modify the post-login redirect URL
• authentry_button_html: modify the rendered login button HTML
• authentry_register_shortcode_html: modify the rendered [authentry_register] HTML
• authentry_manage_shortcode_html: modify the rendered [authentry_manage] HTML
• authentry_manage_heading: modify the section heading on the management UI
• authentry_render_manage_args: adjust args before authentry_render_manage output
• authentry_render_button_args: adjust args before authentry_render_button output
• authentry_login_username_selectors: CSS selectors for username/email fields on custom login forms
• authentry_user_has_passkey: filter whether a user has at least one registered passkey
• authentry_show_passkey_reminder: control the built-in passkey setup reminder notice
• authentry_passkey_reminder_profile_url: change the profile URL linked from the built-in reminder

User meta

• authentry_has_passkey: 1 when the user has at least one passkey, otherwise 0 (kept in sync automatically)

Helper function

• authentry_user_has_passkey( $user_id = 0 ): returns true when the user has registered at least one passkey
• authentry_render_passkey_reminder( $args ): echo the built-in reminder in a custom template or panel
• authentry_get_passkey_reminder_html( $args ): return the reminder HTML as a string

Actions

• authentry_enqueue_public_assets: enqueue public CSS/JS (useful when output is built late)
• authentry_before_manage_passkeys / authentry_after_manage_passkeys: fires before/after the management UI block
• authentry_before_render_login_button: fires before sign-in button HTML is echoed in custom templates
• authentry_after_render_login_button: fires after sign-in button HTML is echoed in custom templates