Support for macOS TouchID in Okta for FIDO/WebAuthn MFA

[alsmola]

The current Okta WebAuthN support in saml2aws relies on https://github.com/marshallbrekka/go-u2fhost which only finds USB-based hardware authenticators.

Using TouchID appears to be implemented in gimme-aws-creds - https://github.com/Nike-Inc/gimme-aws-creds/pull/252 - but not exactly sure what Go library would help us support "Virtual CTAP2 device" in the same way they use https://github.com/dany74q/ctap-keyring-device.

[jackivanov]

Any updates?

[saurabhnemade]

Any updates on this? It's really annoying to pickup phone and approve requests when you can just touch fingerprint on touchid.

[genevera]

Looks like there's a virtual FIDO device written in golang: https://github.com/bulwarkid/virtual-fido