Is this flow possible with webauthn

Feature: Use webauthn as primary source of trust

Description: I want to use webauthn as first solution instead of password

Use-case: My ideal user flow would be as follow :

  • New user arrives : enter email, then securise with webauthn (account created)
  • know user arrives : enter email, ask for webauthn, if ok login, unless say “device lost / forgot”
  • device lost : enter email, receive a magic link, ask a new webauthn, (user logged)