Implementing a multi-tenant FIDO relying party server: Architecture, security, and scalability considerations

Gudipati, Ravikanth Reddy (2025) Implementing a multi-tenant FIDO relying party server: Architecture, security, and scalability considerations. World Journal of Advanced Engineering Technology and Sciences, 15 (1). pp. 765-773. ISSN 2582-8266

The transition to passwordless authentication using FIDO standards marks a transformative shift in modern security architecture, particularly in multi-tenant environments. This technical exploration delves into the comprehensive implementation considerations for building robust multi-tenant FIDO Relying Party (RP) servers. The content addresses key architectural components, including WebAuthn and CTAP protocol integration, database architecture models, tenant isolation strategies, and identity federation mechanisms. Critical security aspects, including cross-tenant protection and audit logging, are examined alongside cloud-native deployment considerations. The discussion encompasses essential elements of scalability, maintainability, and security controls required for successful FIDO-based passwordless authentication in multi-tenant environments.