3
Can RSA be used for web API authentication?
(lemy.lol)
Questions, answers, discussions, and literature on the theory and practice of cryptography
Sounds like you’re proposing WebAuthn which already exists. Keep in mind that there are attacks against RSA with PKCS1 padding. I’d use a more secure cryptographic primitive than RSA (I.e. elliptic curves) - there’s a reason cryptographic experts don’t look towards RSA these days.