PublicKeyCredential: getClientExtensionResults() method

Baseline Widely available

This feature is well established and works across many devices and browser versions. It’s been available across browsers since September 2021.

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The getClientExtensionResults() method of the PublicKeyCredential interface returns a map between the identifiers of extensions requested during credential creation or authentication, and their results after processing by the user agent.

During the creation or fetching of a PublicKeyCredential (via navigator.credentials.create() and navigator.credentials.get() respectively), it is possible to request "custom" processing by the client for different extensions, specified in the publicKey option's extensions property. You can find more information about requesting the different extensions in Web Authentication extensions.

Note: getClientExtensionResults() only returns the results from extensions processed by the user agent (client). The results from extensions processed by the authenticator can be found in the authenticator data available in AuthenticatorAssertionResponse.authenticatorData.

Syntax

js
getClientExtensionResults()

Parameters

None.

Return value

A map, with each entry being an extensions' identifier string as the key, and the output from the processing of the extension by the client as the value.

Examples

js
const publicKey = {
  // Here are the extension "inputs"
  extensions: {
    appid: "https://accounts.example.com",
  },
  allowCredentials: {
    id: "fgrt46jfgd...",
    transports: ["usb", "nfc"],
    type: "public-key",
  },
  challenge: new Uint8Array(16) /* from the server */,
};

navigator.credentials
  .get({ publicKey })
  .then((publicKeyCred) => {
    const myResults = publicKeyCred.getClientExtensionResults();
    // myResults will contain the output of processing the "appid" extension
  })
  .catch((err) => {
    console.error(err);
  });

Specifications

Specification
Web Authentication: An API for accessing Public Key Credentials - Level 3
# ref-for-dom-publickeycredential-getclientextensionresults

Browser compatibility

BCD tables only load in the browser

Note: Extensions are optional and different browsers may recognize different extensions. Processing extensions is always optional for the client: if a browser does not recognize a given extension, it will just ignore it. For information on which extensions are supported by which browsers, see Web Authentication extensions.

See also