website/docs: Add Passkeys reference where WebAuthn is mentioned

[melizeche]

Details

Add Passkeys reference in several parts where WebAuthn is mentioned for better docs UX and SEO)

Rationale:

Passkeys is the de-facto term when people think about passwordless login and biometric 2fa and there's nothing on the website or docs that mention that term

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)

If applicable

• The documentation has been updated
• The documentation has been formatted (make website)

[netlify]

✅ Deploy Preview for authentik-docs ready!

Name	Link
🔨 Latest commit	3e74f2a
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-docs/deploys/67bc98b6c34b0800081e1632
😎 Deploy Preview	https://deploy-preview-13167--authentik-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[netlify]

✅ Deploy Preview for authentik-storybook canceled.

Name	Link
🔨 Latest commit	3e74f2a
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/67bc98b6cb1d9100084176b0

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.70%. Comparing base (6da55dc) to head (3e74f2a).
Report is 3 commits behind head on main.

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #13167      +/-   ##
==========================================
- Coverage   92.71%   92.70%   -0.01%     
==========================================
  Files         792      792              
  Lines       40231    40231              
==========================================
- Hits        37301    37298       -3     
- Misses       2930     2933       +3     

Flag	Coverage Δ
e2e	48.11% <ø> (-0.06%)	⬇️
integration	24.13% <ø> (ø)
unit	90.43% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-3e74f2ac0fbf5f6a263108b331bce6838991eb46
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-3e74f2ac0fbf5f6a263108b331bce6838991eb46

Afterwards, run the upgrade commands from the latest release notes.

[dominic-r]

Technically, WebAuthn != Passkey. If i'm not mistaken, WebAuthn is the web standard for passwordless authentication and passkeys are a type of credential which implement that standard. If we want to ignore technicalities, LGTM. - Is it worth breaking the docs' technical accuracy for UX?

Here's a source which confirms it: https://www.corbado.com/faq/how-does-webauthn-differ-from-passkeys

[melizeche]

@dominic-r Yup, I agree they are not the same thing, but is the term that most users are familiar with (at least more than WebAuthn). As I said, this is more about UX and SEO because if a user doesn't know that WebAuthn is the protocol, they might think that authentik doesn't support passkeys

but because this is a docs issue I'd like to get @tanberry approval before merging

[dominic-r]

Just throwing this out there, Teffen added tags to the Google docs: https://github.com/goauthentik/authentik/blob/main/website/docs/users-sources/sources/social-logins/google/workspace/index.md?plain=1#L4 . Does that show up in search? If so, that could be a decent idea as well? I agree about SEO and UX and yea let's get tana's opinion.

[tanberry]

Oooof this is a tough one to phrase. Words are indeed hard.

We agree they are not exactly the same thing. Yet we agree it is good for SEO and UX to be clear that we support Passkeys. Having a WebAuthn-based device means that we do support the use of Passkeys. But we need to be careful not to imply that they are the same thing... and using phrases like "WebAuthn/Passkey" or "WebAuthn (Passkeys)" does equalize them.

Question

Maybe this type of phrasing:

Passwordless authentication currently only supports WebAuthn-based devices (which provides for the use of passkeys), like security keys and biometrics.

Passwordless authentication (for example, using Passkeys) is currently only supported on WebAuthn-based devices, like security keys and biometrics.

Passwordless authentication currently only supports WebAuthn-based devices, which provides for the use of passkeys, security keys, and biometrics.

... WebAuthn (which enables passkey-based authentication)...

[melizeche]

@tanberry I’ve updated the other references to prevent confusion, but I believe we should include the term “passkey” in the title of the authenticator documentation since that’s what will appear in a Google search

Do you think that we can leave it this way or do you have any suggestions?

[tanberry]

Thanks for doing this, and for taking the time to phrase it just right.