I am working with web authentication at work and recently I have started to play with ESP32 development board. The device has Bluetooth Low Energy (BLE) feature which is supported by FIDO2 WebAuthN specification as communication protocol. Now I'm curious if one can build secure web authentication device.

FIDO2 Web Authentication specification is available here.

From my understanding I need to implement two information profiles - 'Device Information' and 'FIDO2'. The great tutorial how to implement BLE server can be found here. Following this tutorial I could make ESP32 visible through Bluetooth connection and expose device information.

The next steps should be FIDO2 implementation.