electron navigator.credentials.get with conditional mediation brings up a popup

Preflight Checklist

[x] I have read the Contributing Guidelines for this project.
[x] I agree to follow the Code of Conduct that this project adheres to.
[x] I have searched the issue tracker for a bug report that matches the one I want to file, without success.

Electron Version

36.2.1

What operating system(s) are you using?

Windows

Operating System Version

Windows 11

What arch are you using?

x64

Last Known Working Electron version

Expected Behavior

No popup should appear as per docs: https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/get This is also how it behaves in Chrome, no popup will appear and the promise keeps pending

Actual Behavior

Windows security will bring up a popup

Testcase Gist URL

https://gist.github.com/t57ser/d27d2f12c0927208b8ca7690cde067ce

Additional Information

No response

May 19 '25 12:05 t57ser

Another thing: Calling PublicKeyCredential.isConditionalMediationAvailable() resolves with true I assume this should resolve with false This is happening since electron 34.0.0

Update: on win10 it is happening since 34.0.0 but on win11 this resolves with true in earlier versions too

May 19 '25 12:05 t57ser

Thanks for reporting!

I'm not super familiar with the API. The screenshot mentions that the app is unverified. Do you see the same behavior if you codesign your application?

May 19 '25 20:05 nikwen

@nikwen yes also happens with a signed app. The screenshot is not from the app but from when i made a reproducible example for the gist

May 19 '25 21:05 t57ser

Could you share a screenshot of what the popup looks like when the app is signed?

Maybe related (thanks to @jkleinsc for bringing it up): https://github.com/electron/electron/issues/24573

May 21 '25 16:05 nikwen

Another thing: Calling PublicKeyCredential.isConditionalMediationAvailable() resolves with true I assume this should resolve with false This is happening since electron 34.0.0

Update: on win10 it is happening since 34.0.0 but on win11 this resolves with true in earlier versions too

this was modified to respond true in => fix: WebAuthn Discoverable Credential (Resident Credential)

and as to why this still doesnt work on macos, even with a signed electron app and the NSBluetooth permissions => the native "chrome" UI / sheet isnt getting 'hooked' by electron -- so its sitting there waiting to be clicked but never is as its invisible or something is dismissing it immediately; thats my theory anyway. if you use the cef-rs build from tauri on macos, it will pop the chrome modal for passkey selection (https://github.com/tauri-apps/cef-rs/tree/dev)

on macos and latest electron you can see this behavior with any of the chrome native sheets:

payment handler => https://googlechrome.github.io/samples/paymentrequest/payment-handler/

fedcm => https://fedcm-idp-demo.glitch.me/home

can anyone with windows try the above links using chrome and then electron?

chrome:

electron:

May 30 '25 04:05 maceip

wrong thread, please disregard (but this maybe needs a new bug?)

May 30 '25 04:05 maceip

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the latest version of Electron or in the beta—please include it with your comment!

Aug 29 '25 02:08 electron-issue-triage[bot]

bump

Aug 29 '25 06:08 t57ser