  1. OpenAM
  2. OPENAM-15589

WebAuthn Registration & Authentication Node Enhancement: store UserID with device

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 7.0.0
    • Component/s: webauthn
    • Support Ticket IDs:

      Description

      The current WebAuthn node provided by ForgeRock requires the username to be input by the user before instigating the WebAuthn authentication. FIDO2 has the capability to store a UserID on the device along with the private key as part of the registration. It would be a much better user experience if the user could opt to store their UserID on the credential device as part of the registration and that the WebAuthn authentication node would pick this up directly as an option when authenticating the user, e.g. "username from device".

      This is possible in FIDO2 via the user Handle.

      Please read the following article for more information: 

      https://medium.com/@herrjemand/introduction-to-webauthn-api-5fd1fb46c285
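
      The flow this request describes, as an added example (not ForgeRock's node code and not part of the original issue): registration asks for a discoverable credential carrying `user.id`, and authentication resolves the account from the returned `userHandle`. The store names, RP id, sample account and all-zero challenges are constructed, and assertion signature verification is assumed to happen elsewhere.

```javascript
// Added example. Stores, account names and the RP id are constructed for illustration.
// Assumes all binary fields have already been decoded to Uint8Array on the server.
const b64url = (bytes) => Buffer.from(bytes).toString('base64url');
const usersByHandle = new Map();   // b64url(user handle) -> username
const credentialOwner = new Map(); // b64url(credential id) -> b64url(user handle)

// Registration: ask the authenticator to store the credential together with user.id.
function registrationOptions(username, handle, challenge) {
  // WebAuthn limits user.id to 64 bytes; it should be opaque, not the username itself.
  if (handle.length === 0 || handle.length > 64) throw new Error('bad user handle');
  usersByHandle.set(b64url(handle), username);
  return {
    rp: { id: 'login.example.com', name: 'Example RP' },
    user: { id: handle, name: username, displayName: username },
    challenge,
    pubKeyCredParams: [{ type: 'public-key', alg: -7 }], // ES256
    authenticatorSelection: { residentKey: 'required', requireResidentKey: true,
                              userVerification: 'required' },
  };
}

// Authentication: no username typed and no allowCredentials; the device picks the account.
function authenticationOptions(challenge) {
  return { rpId: 'login.example.com', challenge, allowCredentials: [],
           userVerification: 'required' };
}

// After the assertion signature, challenge and origin have been verified elsewhere,
// map response.userHandle back to an account and check it owns the credential used.
function resolveUser(assertion) {
  const handle = assertion.response.userHandle;
  if (!handle || handle.length === 0) throw new Error('no userHandle returned');
  const owner = credentialOwner.get(b64url(assertion.rawId));
  if (owner === undefined) throw new Error('unknown credential');
  if (owner !== b64url(handle)) throw new Error('userHandle does not match credential owner');
  return usersByHandle.get(owner);
}

// Constructed sample data: one account with one registered credential.
// The all-zero challenge is a placeholder; a real one is fresh random bytes per request.
const aliceHandle = Uint8Array.from([0x9f, 0x12, 0x5c, 0x77, 0x01, 0xe4, 0x3a, 0xb8]);
const aliceCredId = Uint8Array.from([1, 2, 3, 4]);
registrationOptions('alice', aliceHandle, new Uint8Array(32));
credentialOwner.set(b64url(aliceCredId), b64url(aliceHandle));
```

      The ownership check in `resolveUser` matters because the `userHandle` is the only account identifier in this flow: it must agree with the server's own record for the credential ID that produced the assertion.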

              People

              • Assignee:
                david.luna@forgerock.com David Luna
                Reporter:
                alex.belovski Alex Belovski
              • Votes:
                0
                Watchers:
                6
