Client To Authenticator Protocol


Client To Authenticator Protocol (CTAP) "draft" specification describes an Application Layer protocol for communication between a roaming authenticator and another client/platform, as well as bindings of this application protocol to a variety of transport protocols using different physical media.

FIDO2 clients, such as browsers implementing the W3C Web Authentication (W3C WebAuthn) specification, to perform authentication using pairwise Public Key/Private Key pairs securely held by authenticators speaking the Client To Authenticator Protocol protocol (rather than passwords). Use of three transports for communicating with authenticators is specified in the CTAP specification: USB Human Interface Device (USB HID), Near Field Communication (NFC), and Bluetooth Smart/Bluetooth Low Energy (BLE).

The Application Layer protocol defines requirements for such transport protocols. Each transport binding defines the details of how such transport layer connections should be set up, in a manner that meets the requirements of the application layer protocol.

More Information#

There might be more information for this subject on one of the following: