Javlon Baxtiyorov
← Writing

fastapi-passkeys: 3 Weeks In — 382 Installs and What Surprised Me

Three weeks after releasing fastapi-passkeys, an honest look at the early PyPI download numbers, what people actually ask about, and what's next.

fastapi-passkeys: 3 Weeks In — 382 Installs and What Surprised Me

Just over three weeks ago I released fastapi-passkeys — a small open-source library that adds passkey (WebAuthn) login to FastAPI apps, with the security-sensitive parts handled by default. Here's an honest look at the first three weeks.

The numbers

Metric Value
First release 18 June 2026 (v0.1.2)
PyPI installs (total) 382
Installs, last 7 days 102
Best single day 80
Python support 3.10+
License MIT

For a brand-new, Alpha-stage library with a niche name, I'll take it. Nobody is getting rich off 382 installs — but it means real people typed pip install fastapi-passkeys and tried the thing, which is the only signal that matters this early.

What surprised me

  • The steady drip beats the launch spike. There was no big launch-day bump. Installs have come in a quiet, steady line — mostly, I suspect, from people searching for "passkeys in FastAPI" and finding the repo. That's a good reason to keep writing about it. (I just published a full guide to adding passkeys to FastAPI if you want the walkthrough.)
  • People care most about the boring security parts. The questions I get aren't about the happy path — they're about single-use challenges, origin checks, and cloned-authenticator detection. That's exactly the part I wanted the library to own, so it's reassuring.
  • It travels with its siblings. The companion library fastapi-trusted-devices (device-bound sessions and revocation) is at 153 installs, and the older unipay-uz payments library is at 359 — people who find one tend to look at the others.

What's next

  • Hardening the public API toward a stable 1.0.
  • More adapters and a fuller documentation site.
  • Suspicious-login and session-hijack hooks in the trusted-devices companion.

If you're building passwordless login on FastAPI, I'd genuinely love for you to try it and tell me where it hurts:

Thanks to everyone who's already tried it. More updates as the numbers grow.

Read next All writing →
← All writing Get in touch →