How to use webauthn without key fob

3

6

I have tried Firefox 62 and Chromium on various WebAuthn examples and I could not make any of them work. Are those supposed to work without special hardware? I activated security.webauth.webauthn_enable_softtoken in about:config, though I can't find much documentation on what exactly it does. Is WebAuthn ever supposed to work without special hardware?

Worldbeater answered 21/9, 2018 at 14:14 Comment(0)
9

To be able to use the "softtoken" in Firefox you have to enable it and disable the usbtoken:

security.webauth.webauthn_enable_softtoken=true
security.webauth.webauthn_enable_usbtoken=false

Then you can test on https://webauthn.bin.coffee/ and https://webauthn.io/.

However, I have no idea how exactly it works and where its documentation is located.


As for the question of how to use WebAuthn, it should be possible according to the standard, but whether browsers support it is another thing. Check this comment: https://github.com/w3c/webauthn/issues/1027#issuecomment-411441722

The spec is indeed written with hardware-backed authenticators (external or built-in) as the main concern, but WebAuthn does not in any way forbid integration of purely software-based authenticators.

...

It's perfectly possible for browsers or browser plugins to provide support for software authenticators, although WebAuthn provides no standardised API for doing that.

Ganges answered 8/1, 2019 at 13:42 Comment(2)
Note that webauthn.io only works with the "Require User Verification" checkbox disabled (hidden in "Advanced settings" of the site). - Lais
Even toggling the settings as this answer suggests, I'm not able to register on webauthn.io. (The "Require User Verification" checkbox mentioned in the comment above no longer exists; there is a similar "User Verification" dropdown, and I tried every value, to no avail.) - Lheureux
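The comments above tie the soft token's success on webauthn.io to the site's user-verification setting. As an added example (not code from the answer, the browsers or the test sites), this JavaScript reproduces the authenticator filtering that the WebAuthn spec's create() steps apply to the relying party's options. The `SOFT_TOKEN` capability profile and the RP and user values are assumptions made for illustration.

```javascript
// Build registration options. The challenge and user id must come from the
// relying party's server; here they are passed in as Uint8Arrays.
function buildCreationOptions(challenge, userId, { userVerification = "preferred", attachment } = {}) {
  // "preferred" is the spec default for userVerification.
  const authenticatorSelection = { userVerification, requireResidentKey: false };
  if (attachment) authenticatorSelection.authenticatorAttachment = attachment;
  return {
    challenge,
    rp: { name: "Example RP" },                                 // constructed value
    user: { id: userId, name: "alice", displayName: "Alice" },  // constructed value
    pubKeyCredParams: [{ type: "public-key", alg: -7 }],        // ES256
    authenticatorSelection,
    attestation: "none",
  };
}

// Return the reasons a client would skip an authenticator for these options,
// following the create() steps in the WebAuthn spec. Empty array = eligible.
function skipReasons(options, authenticator) {
  const sel = options.authenticatorSelection || {};
  const reasons = [];
  if (sel.authenticatorAttachment && sel.authenticatorAttachment !== authenticator.attachment)
    reasons.push("attachment mismatch");
  if (sel.requireResidentKey && !authenticator.residentKeys)
    reasons.push("no resident key support");
  if (sel.userVerification === "required" && !authenticator.userVerification)
    reasons.push("no user verification");
  return reasons;
}

// Hypothetical capability profile: a software token that cannot verify the user.
const SOFT_TOKEN = { attachment: "cross-platform", residentKeys: false, userVerification: false };

// Browser-only: run the real ceremony and surface the DOMException name.
async function register(options) {
  if (typeof navigator === "undefined" || !navigator.credentials)
    throw new Error("WebAuthn API not available in this environment");
  try {
    return await navigator.credentials.create({ publicKey: options });
  } catch (err) {
    // NotAllowedError covers user cancellation as well as no eligible authenticator.
    throw new Error(`registration failed: ${err.name}`);
  }
}
```

Calling `skipReasons` with the options a site actually sends shows which selection criterion rules an authenticator out before the browser ever prompts.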
1

Well, WebAuthn is an evolving technology. It is supported only in Firefox/Chrome Desktop and Chrome Mobile browsers.

You'll need some U2F stuff like https://www.yubico.com/products/yubikey-for-mobile/ or add-ons like https://krypt.co/

Mcguigan answered 13/10, 2018 at 19:56 Comment(1)
The W3C recommendation explicitly mentions "roaming authenticators" (= U2F USB/NFC key) and "platform authenticators" (fingerprint readers, TPMs, ...). Both Firefox and Chrome currently only seem to support roaming authenticators. I would expect that many users would be happy to use platform authenticators based on Windows Hello, GNOME Keyring or similar, i.e. without the need for a hardware key. Is anybody aware of such an authenticator? - Wes
-1

WebAuthn is pretty widely supported now, and it works in modern browsers without a roaming authenticator (a USB device or similar). It's very easy to test on the site you mentioned, https://webauthn.io/

https://caniuse.com/#search=webauthn

Bernardabernardi answered 24/3, 2020 at 13:40 Comment(0)