Wt

Webauthn is a FIDO2 core component. It allows for a standardized way for browser to access public-key cryptography; which are in this context called passkeys.

Based on the configuration provided to the auth service, the login page will show a regular login, or allow for the Webauthn way.
This essentially delegates the actual verification to the client's OS. The OS is then responsible to generate or use a key-pair to attach to the identity. Depending on how this is set up on the client's machine, this will result in different behaviour. The OS may ask for biometrics, a PIN, a hardware key or another way to ensure that the user is verifiably how they claim to be.