Open Passkey brings free backendless passkey auth to 33 frameworks
Open Passkey is a new MIT-licensed passkey auth library supporting 33 languages and frameworks, paired with a free hosted "backendless" auth server so frontend apps can ship without configuring a backend.
Score breakdown
Frontend developers can now add secure, passkey-based auth and encrypted secret storage to a purely CDN-hosted app — no server, no cost, no configuration — by pointing to the free `gateway` hosted service.
- 01Open Passkey is MIT-licensed and includes examples for 33 languages and frameworks.
- 02Companion service `gateway` (gateway.locke.id) is a free hosted auth server that requires no backend configuration.
- 03Gateway runs on an AWS `t.large` instance, estimated to support millions of accounts and sessions.
ConnorPeters released Open Passkey, an MIT-licensed passkey authentication repository designed to eliminate the deployment friction that has plagued vibe-coded and Claude Code-assisted projects — a pain point also noted publicly by Andrej Karpathy. The library ships with examples for 33 languages and frameworks, making it straightforward to drop passkey-based auth into almost any stack. It prioritizes post-quantum cryptographic algorithms, though the author acknowledges browser support for those algorithms does not yet exist.
The companion release is `gateway` (gateway.locke.id), a hosted "backendless" auth server that frontend apps can consume directly for free.
The companion release is `gateway` (gateway.locke.id), a hosted "backendless" auth server that frontend apps can consume directly for free. It runs on an AWS `t.large` instance, which the team estimates can comfortably support millions of accounts and sessions. The explicit design target is small apps shipped via CDNs like Netlify — not large-scale production deployments. For teams that prefer self-hosting, exporting user public keys is supported, with `rp_id` verification handled via domain TXT records.
On top of the auth layer, the project introduces a zero-config end-to-end encrypted key-value store modeled after the browser's `localStorage` API. It exposes a simple `setItem()` / `getItem()` interface that uses PRF (Pseudo-Random Function) extensions with passkeys to encrypt values before storing them on the Gateway, enabling frontend apps to securely handle API keys and secrets without spinning up a server.
Key facts
- 01Open Passkey is MIT-licensed and includes examples for 33 languages and frameworks.
- 02Companion service `gateway` (gateway.locke.id) is a free hosted auth server that requires no backend configuration.
- 03Gateway runs on an AWS `t.large` instance, estimated to support millions of accounts and sessions.
- 04The library prioritizes post-quantum cryptographic algorithms, though browser support is not yet available.
- 05A zero-config end-to-end encrypted key-value store is included, using a `setItem()` / `getItem()` API backed by PRF with passkeys.
- 06User public key export is supported, with `rp_id` verification via domain TXT records for self-hosters.
- 07The project was motivated by deployment friction experienced when shipping small apps built with Claude Code.
Topics
Summary and scoring are generated automatically from the original article. We always link back to the publisher and never republish images or paywalled content. Last processed Apr 19, 2026 · 11:33 UTC. How this works →