License

This project, with the exception of the files mentioned below, is licensed under the BSD 2-clause license. See the COPYING file for the full license text.

This project also bundles the public suffix list (https://publicsuffix.org) which is licensed under the Mozilla Public License, version 2.0. This file is stored as fido2/public_suffix_list.dat. See https://mozilla.org/MPL/2.0/, or the COPYING.MPLv2 file for the full license text.

Requirements

fido2 is compatible with Python 3.7 and later, and is tested on Windows, MacOS, and Linux. Support for OpenBSD, FreeBSD, and NetBSD is provided as-is and relies on community contributions.

Installation

fido2 is installable by running the following command:

To install the dependencies required for communication with NFC authenticators, instead use:

Under Windows 10 (1903 or later) access to FIDO devices is restricted and requires running as Administrator. This library can still be used when running as non-administrator, via the fido.client.WindowsClient class. An example of this is included in the file examples/credential.py.

Under Linux you will need to add a Udev rule to be able to access the FIDO device, or run as root. For example, the Udev rule may contain the following:

#Udev rule for allowing HID access to Yubico devices for FIDO support.

KERNEL=="hidraw*", SUBSYSTEM=="hidraw", \
  MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050"

Under FreeBSD you will either need to run as root or add rules for your device to /etc/devd.conf, which can be automated by installing security/u2f-devd:

Development

For development of the library we use poetry. To set up the dev environment, run this command in the root directory of the repository:

We also use pre-commit to run some scans on the code prior to committing.