webauthn
webauthn copied to clipboard
w3c
Web Authentication: An API for accessing Public Key Credentials
Adds the Related Origin Requests feature ([explainer](https://github.com/w3c/webauthn/wiki/Explainer:-Related-origin-requests)) - Updates "Create a New Credential" - Updates "Use an Existing Credential" - Adds a new subsection: "Using Web Authentication across related origins"...
It is of somewhat limited value because getClientCapabilities can't know what extensions the user's authenticator will support, but it can be meaningful to know that an extension isn't supported. Absent...
Fixes #1916 Creates a new section describing verification when packed format is used for enterprise attestation. *** Preview | Diff
Fixes #1797 It removes the HTML reference, which seems superfluous. It also updates the RFC 2119 language to the current recommended text. *** Preview | Diff
## Proposed Change Some pluggable passkey providers, do not request a fresh user verification for each call to getAssertion. This is a deviation from the traditional behavior and might surprise...
## Proposed Change Note: This may end up resulting in a WebAuthn spec change (I think it should - read on), or in a close with feedback to the FIDO...
Fixes #2030. Note that some of these currently appear incorrect in Chrome - see issue #1913. Also ref: #1523, #1861, #797. *** Preview | Diff
## Description I was trying to integrate conditional UI, in my application and I wanted to show only saved passey in autofill and nothing else. But if I use autocomplete="username...
The current behavior of some Passkey Providers to “cache” the user verification status cannot be modeled in FIDO/WebAuthn today and hence might surprise relying parties. This PR adds the user...
Fixes #2016. *** Preview | Diff