Path to passkeys with Spring Security

How to Add Passkey Authentication to Your Spring Security Java App

There are many ways to utilize passkeys. Handling authentication internally within your app may not be the fanciest way to do it in 2025, but for legacy apps and when aiming for architectural simplicity, handling passkeys by yourself, like handling usernames and passwords, can still be a well-argued option. Spring Security has fairly recently added support for passkeys (via WebAuthn), making it an obvious library to utilize if you, for example, already use it for username-password style authentication.

Subscribe to our newsletter

Be the first to learn about new Vaadin resources and tips

Build Java UIs faster with Vaadin's AI copilot

Flying with Vaadin Copilot: AI-enhanced Java UI development takes off

Modern business apps demand powerful, responsive UIs—and Java developers are no longer stuck managing the frontend alone. With Vaadin Copilot, Java teams can build intuitive, production-grade UIs in Java faster, thanks to a smart blend of visual tools, AI assistance, and a code-first developer ...
BCI modernized their task management tool with Vaadin.

Process Manager: Modernizing BCI’s intranet tool with Vaadin

BCI modernized its internal tools by replacing legacy systems with Vaadin. With the new Process Manager intranet tool, they improved developer onboarding, streamlined operations, and delivered a modern, responsive user experience—all using a full-stack Java approach. The challenge BCI Mozambique ...
Learn how to track vessels in real-time with a Java web app using AIS data, MQTT messaging, and Vaadin's WebSocket-based UI.

True nerd stuff: Plotting vessel positions with AIS, MQTT & WebSockets

I recently blogged about my enhanced web UI for a ferry reservation system we use on my "home island." It has lately been gaining more users and feature requests. As an old orienteer, I desperately wanted to see where the ferry was in real time, so I could optimize those last couple of minutes in ...
how to integrate web components into Vaadin Flow apps

How to integrate external components into a Vaadin Flow application

With Vaadin, you’re not limited to just Java-based components provided by Vaadin or the Directory — you can seamlessly integrate a wide variety of frontend elements and libraries into your Flow-based application. Whether you’re dealing with native HTML elements, custom Web Components, React ...
be first to try Vaadin 25 and join the beta program!

Vaadin 25 beta testers wanted

The next major version of the Vaadin platform will ship in December 2025. Although there are still eight months to go, the first beta version will be released in September, and we’re already looking for volunteers for a supported upgrade pilot program. Read on to learn more about what’s cooking and ...
what java 24 means for your Vaadin app

What Java 24 means for Vaadin applications

One of the really awesome things about Java is its forward compatibility. This means that existing Java code can benefit from language features that didn't even exist when the code was written. This applies on two different levels - first, there are the fully automatic cases where, e.g., ...
Vaadin Control Center is now GA – with Passkeys support!

Vaadin Control Center 1.2.0 GA: Passkey login, automated DNS, TLS & more

We’re excited to announce that Control Center 1.2.0 is now Generally Available (GA) with Vaadin 24.7! This release removes the Preview tag and brings powerful new features to simplify your deployment workflows, enhance security, and improve observability. Let’s dive into what’s new. Automatic DNS ...
Get a sneak prieview of what's coming in Vaadin 25

What’s coming in Vaadin 25?

The next major version of the Vaadin platform is scheduled to ship in December 2025. That may sound like a long time, but it’s really just a blip in framework years, and an early beta is coming already in September. Here’s a glimpse of some of the great new features planned for V25. psst...We also ...
3 ways to go passwordless

Three methods to go passwordless in 2025

Passwords continue to be a persistent pain point in web security—tricky to implement safely and even harder to manage due to weak user practices and vulnerabilities like social engineering. Thankfully, we have a robust alternative available: Passkeys via the Web Authentication API (aka WebAuthn). ...