Passkey Authentication

Protect any vertex with a passkey.

Passkey authentication brings phishing-resistant WebAuthn-style access control to Node Vertex. Use it for secret handoffs, internal pages, sensitive files, admin workflows, and high-assurance polygon steps.

Manage SecurityEdit Vertex Filters
Request vertex
    ↓
Vertex Firewall sees Passkey requirement
    ↓
User completes passkey authentication
    ↓
Node Vertex authorizes the read/write action
    ↓
Audit event records access
Authentication model: Passkey

Passwords are not enough for sensitive vertices.

Some vertices should require stronger proof than a public URL, bearer token, or shared passcode. Passkey Authentication lets a vertex require a signed-in, phishing-resistant user ceremony before the value, file, form response, or internal tool is exposed.

Every live signal, secret, and protected handoff deserves the right authentication model.

Use passkeys for

  • Secret Vertex access
  • Internal Static HTML Vertices
  • Protected image and file vertices
  • Payment or invoice administration
  • Device enrollment approvals
  • Agent command channels
  • High-risk polygon steps
  • Step-up access before downloads

Why passkeys fit vertices

  • Phishing-resistant user verification
  • No shared secret copied into chat
  • Works as a Vertex Firewall authentication model
  • Auditable per vertex access
  • Composable with TTL and lifecycle controls
  • Ready for step-up auth flows and approvals

Passkey as a Vertex Filter selection

In the control plane, open Vertices or Filters, choose a vertex, and set the authentication model to Passkey. You can combine passkey authentication with allowed methods, lifecycle behavior, read logging, TTL, and advanced filter conditions.

Vertex Firewall
  Authentication model: Passkey
  Allowed methods: GET,HEAD,OPTIONS
  Stealth behavior: NotFound
  Read logging: Enabled
  TTL: Optional

Secret Vertex + Passkey

The most natural first use is a Secret Vertex protected by passkey authentication.

nv create secrets/bootstrap "$TOKEN" --type secret -ttl 10m

Then in the control plane:
  Authentication model → Passkey

This creates a short-lived, auditable secret handoff that requires a trusted user ceremony before access.

Part of Vertex Auth

Passkey Authentication is one authentication model inside the broader Vertex Auth system. A vertex can represent authentication itself, or it can require authentication before allowing access to a value, secret, stream, file, form response, handoff, or workflow control point.

Auth as a vertex

Create a dedicated Auth Vertex for sign-in, MFA, step-up, and approvals.

Auth on a vertex

Set the Vertex Firewall model to Passkey for protected data and workflow endpoints.

Audit everywhere

Access decisions become visible events inside Node Vertex.

Make protected access simple.

Choose Passkey in the Vertex Firewall. Let the vertex enforce the policy.

Protect a Vertex Explore Vertex Auth