FIDO (Fast IDentity Online) is an organization which aims to replace old password authentication with modern password-less solutions. It tries to achieve that by introducing three main protocols: UAF, U2F and FIDO2. Use this tag for questions referring to the FIDO protocols (UAF, U2F, FIDO2).
Questions tagged [fido]
144 questions
2 votes, 1 answer
Check if a credential_id is available on platform authenticator with WebAuthN
Is there a way to check before calling navigator.credentials.get if the credential exists on the platform authenticator? For example, if you specify that only platform authenticators can be used and not roaming authenticators, how do you know if the…

adoyon23
2 votes, 1 answer
How does relying party determine the user when resident keys are used?
When client-side discoverable resident keys are used with WebAuthN, it is not necessary for the relying party to first identify the user trying to sign in. How then does the RP know which user signed in? Does the RP just receive the…

adoyon23
2 votes, 1 answer
Check if credential exists without prompting for fingerprint in Android
Is there an API or other method for determining if a credential exists on the device that doesn't require taking my fingerprint first in Android?
Currently, I can call getSignPendingIntent(PublicKeyCredentialRequestOptions) with a particular…

adoyon23
2 votes, 1 answer
Does a Blazor WASM login work with FIDO2 and how?
I want to create a simple Blazor WASM app, where users can login with FIDO2 (WebAuthn) instead of a password (and username perhaps) via Windows Hello, Yubikey, etc.
Google did not tell me much about FIDO2 and Blazor, I only found a library working…

Sime Kappa
2 votes, 1 answer
With WebAuthN is it possible to deny certain types of authentication methods (FIDO2)
When using WebAuthN (https://w3c.github.io/webauthn/) to authenticate, is it possible to hide certain authentication options?
For example, when testing on webauthn.io, my android device shows available authentication types like hardware keys,…

garethb
2 votes, 1 answer
Emulate U2F token for automated test of web login in Cypress
I want to automate login for website that uses U2F with usb security key all on Cypress + TS.
My script should emulate key and pass it to browser.
For now I've been using https://github.com/github/SoftU2F which is a good solution, but still…

Bogdan Slyusarenko
2 votes, 1 answer
How to test iOS fido2 BLE authenticator implementation?
I'm trying to develop a fido2 BLE authenticator for iOS platform. As far as I know, android can be tested with OSX desktop chrome (which supports fido2) and fido2 conformance tool. When it comes to iOS, the only way I knew is using 'fido2 conformance…

SaRaVaNaN DM
2 votes, 1 answer
FIDO2 - Get Authenticator Info issue
I am developing an Android authenticator. I am getting a {-125,0,1,4} byte array from the webauthn client after pairing. When I decode this array
-125 (0x83) - MSG
1 (0x01) - length of the data
4 (0x04) - AuthenticatorGetInfo
I am not sure about 0 in this…

Chella M
2 votes, 3 answers
Unable to read/write FIDO2 characteristics
I am building an Android authenticator for FIDO2. I got stuck with read/write characteristics. I am working on Mac - Chrome 75. Chrome can detect my Android BLE authenticator. After detecting my BLE Authenticator, onCharacteristicReadRequest() is…

Chella M
2 votes, 1 answer
How to Get WebAuthn to Work with a Roaming Authenticator?
The W3C recently approved Web Authentication: An API for accessing Public Key Credentials, commonly referred to as WebAuthn.
In section 6.2.1 the recommendation states, "For example, a platform authenticator integrated into a mobile device could…

user2782
2 votes, 0 answers
Web Authn and Feathers any idea?
Since Web Authn just approved as a standard from W3C anyone working on feathers to manage this type of authentication?
Thank you

swina
2 votes, 1 answer
Incomplete Implementation of CTAP2 (FIDO2) protocol in Chrome?
I've been investigating the implementation of CTAP2 protocol with Google Chrome (protocol between Fido Authenticator and Fido Client (e.g. Chrome)), which should be supported in Chrome since version 69.
So I dumped the chrome request to the…

watts
2 votes, 2 answers
FIDO2 hardware hits the shelves, but what are the limitations it brings with it?
I read every Yubico publication and looked at the webinars, but they keep some information unsaid for some reason.
When using the Yubikey 5 for Single Strong Factor, they claim the authenticator (I guess they mean the physical key's CPU) generates a…

Ira
1 vote, 1 answer
Can the OpenSSH FIDO2 ssh key attestation data be used to verify the key resides only on a FIDO2 token (e.g. Yubikey)?
OpenSSH >=8.2 allows the use of FIDO2 authentication and the ssh-keygen command allows the creation of resident keys on FIDO2 tokens (such as a Yubikey). There is also the option of outputting attestation data during key generation with the…

cloud_hack
1 vote, 1 answer
Passkeys don't always work on Android phone, despite working on PC and iOS
I'm using Pixel 7 Pro and turned on the new Passkeys feature in my Google Account two days ago. I can login to Google Account using Passkey on my Windows PC (via Windows Hello/physical security key) and iPad, but not on my Pixel phone.
When I use…

BlackMiracle