Authenticator.
A hardware or software component that holds the credential and produces the cryptographic proof of authentication on the user's behalf.
For consumer apps in 2026, accept any compliant authenticator and let users choose. For enterprise workforce or regulated scenarios, AAGUID-based attestation can restrict to specific authenticator models, useful when the threat model requires hardware-attested device identity (Beyond Identity, FIDO2 keys with attestation).
Common questions
What's a platform authenticator?
Is a passkey provider an authenticator?
Can I require a specific authenticator?
Related terms
In the guides
Passwordless Authentication: A 2026 Practitioner's Guide
How passkeys, magic links, and biometrics replace passwords in CIAM, with implementation patterns, adoption data, and vendor support.
WebAuthn Explained: How Passkeys Work Under the Hood
WebAuthn is the W3C browser API that powers passkeys. A practical explanation of registration, assertion, RP-IDs, attestation, and the architecture choices that determine adoption.