You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've been going through a lot of documentation related to WebAuthn, both this implementation here, as well as the Webauthn JSON module for the client-side, and the specs themselves.
For now, the closest I've been able to come to a way to identify the name of a key is the AAGUID setting, which at the least Yubico uses.
I've tried querying for it using your app, through the credential response, and it isn't erroring, just giving back a blank string, even when using a Yubi key to register with.
I haven't been able to determine if the issue lies with the object created simply not containing this data (Maybe Webauthn_json isn't getting the data when querying the key itself ?), or if this hasn't been fully implemented yet.
In any case, my main question is more related to how the different companies are actually identifying the types and names of the authentication methods used.
Google has it set up somehow to identify that you're using a Yubikey, but the closest I've come is distinguishing between Platform and Cross-Platform keys, so our users are still currently having to add a nickname to their registered keys to be able to remember what kind they are and where they're from.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I've been going through a lot of documentation related to WebAuthn, both this implementation here, as well as the Webauthn JSON module for the client-side, and the specs themselves.
For now, the closest I've been able to come to a way to identify the name of a key is the AAGUID setting, which at the least Yubico uses.
I've tried querying for it using your app, through the credential response, and it isn't erroring, just giving back a blank string, even when using a Yubi key to register with.
I haven't been able to determine if the issue lies with the object created simply not containing this data (Maybe Webauthn_json isn't getting the data when querying the key itself ?), or if this hasn't been fully implemented yet.
In any case, my main question is more related to how the different companies are actually identifying the types and names of the authentication methods used.
Google has it set up somehow to identify that you're using a Yubikey, but the closest I've come is distinguishing between Platform and Cross-Platform keys, so our users are still currently having to add a nickname to their registered keys to be able to remember what kind they are and where they're from.
Beta Was this translation helpful? Give feedback.
All reactions