@simplewebauthn/browser
SimpleWebAuthn for Browsers
About
SimpleWebAuthn for Browsers
Live mirror of the GitHub README. Updated whenever the repo's default branch changes.
@simplewebauthn/browser
Installation
This package can be installed from NPM and JSR:
Node LTS 20.x and higher
npm install @simplewebauthn/browser
Deno v1.43 and higher
deno add jsr:@simplewebauthn/browser
UMD
This package can also be installed via unpkg by including the following script in your page's
<head> element. The library's methods will be available on the global SimpleWebAuthnBrowser
object.
NOTE: The only difference between the two packages below is that the ES5 bundle includes some polyfills for older browsers. This adds some bundle size overhead, but does enable use of
browserSupportsWebAuthn()in older browsers to show appropriate UI when WebAuthn is unavailable.
ES2021
If you only need to support modern browsers, include the ES2021 version:
<script src="https://unpkg.com/@simplewebauthn/browser/dist/bundle/index.umd.min.js"></script>
ES5
If you need to support WebAuthn feature detection in deprecated browsers like IE11 and Edge Legacy,
include the ES5 version:
<script src="https://unpkg.com/@simplewebauthn/browser/dist/bundle/index.es5.umd.min.js"></script>
Documentation
You can find in-depth documentation on this package here: https://simplewebauthn.dev/docs/packages/browser
Quick facts
npm install @simplewebauthn/browserHow Sourcemap Explorer detects @simplewebauthn/browser
We catch @simplewebauthn/browser from two complementary signals: bundled source paths and the embedded package.json. Modern bundlers (webpack, Vite, esbuild, Rollup, Turbopack) preserve the original node_modules/@simplewebauthn/browser/ paths inside the JavaScript sourcemap's sources[] array — that's the canonical signal. When the matching package.json is also captured in sourcesContent[], we read the exact version field — patch number included. No regex guessing, no version inference.
- 1
Confirm the site exposes sourcemaps
In DevTools Network, check the response headers of any application script for `SourceMap` or `X-SourceMap`. Failing that, fetch the script's last 4 KB and look for a `//# sourceMappingURL=` comment.
- 2
Find the package in the bundle
Open DevTools → Network → reload. Click any application script and look at its sourcemap. Inside, search `sources[]` for entries matching `node_modules/@simplewebauthn/browser/` — every match confirms the package is bundled. The matching `sourcesContent[i]` for `node_modules/@simplewebauthn/browser/package.json` gives you the exact installed version.
- 3
Read the version directly from package.json
Run `jq -r '. as $m | $m.sources | to_entries[] | select(.value | endswith("node_modules/@simplewebauthn/browser/package.json")) | $m.sourcesContent[.key] | fromjson | .version' bundle.js.map`. Sourcemap Explorer automates the same query in the popup.
Recent versions
FAQ
What is @simplewebauthn/browser used for?
SimpleWebAuthn for Browsers
How can I tell if a website is using @simplewebauthn/browser?
Open the page in Chrome with the Sourcemap Explorer extension installed and read the Stack tab. We catch `@simplewebauthn/browser` from two complementary signals: `node_modules/@simplewebauthn/browser/` paths inside the JavaScript sourcemap, and the embedded `package.json` we read for exact-version detection. Without the extension you can do the same lookup manually in DevTools — the steps are listed in the "How Sourcemap Explorer detects" section above.
What is the latest version of @simplewebauthn/browser?
13.3.0, as published on the npm registry. The "Recent versions" table on this page lists the most recent 8 releases with their release dates. Sourcemap Explorer reports the version actually bundled into a site, which can lag the latest release by months on real-world deployments.
Where can I read more?
Project homepage: https://github.com/MasterKale/SimpleWebAuthn/tree/master/packages/browser#readme. Source code: https://github.com/MasterKale/SimpleWebAuthn. Published on npm: https://www.npmjs.com/package/@simplewebauthn/browser. Licensed as MIT.
Detected by Sourcemap Explorer
When a bundle ships sourcemaps, we read the embedded package.json for @simplewebauthn/browser and report the precise version. Without sourcemaps, an import / require in the page's scripts is enough to flag it.