AuthenticatorAssertionResponse

This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

When a WebAuthn authenticator peforms an authentication via the get() call, the result is a new PublicKeyCredential, the PublicKeyCredential.response value will be an AuthenticatorAssertionResponse object. This object contains both the client data (i.e. - browser data) for the authentication as well as the data from the authenticator to cryptographically prove that the authentication is valid.

Properties

 

AuthenticatorAssertionResponse.clientDataJSON
Inherited from AuthenticatorResponse.clientDataJSON. Includes the client data for the authentication, such as origin and challenge.
AuthenticatorAssertionResponse.authenticatorData
An ArrayBuffer containing information from the authenticator such as the Relying Party ID Hash (rpIdHash), a signature counter, test of user presence and user verification flags, and any extensions processed by the authenticator. This is one of the two fields that is signed over by the authenticator.
AuthenticatorAssertionResponse.signature
A assertion signature over AuthenticatorAssertionResponse.authenticatorData and AuthenticatorResponse.clientDataJSON. The assertion signature is created with the private key of keypair that was created during the create() call and verified using the public key of that same keypair.
AuthenticatorAssertionResponse.userHandle
An ArrayBuffer containing an opaque user identifier.

 

Methods

None.

Examples

TBD

Specifications

Specification Status Comment
Web Authentication: An API for accessing Public Key Credentials Level 1 Candidate Recommendation Initial definition.

Browser compatibility

Update compatibility data on GitHub
DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidEdge MobileFirefox for AndroidOpera for AndroidiOS SafariSamsung Internet
Basic supportChrome Full support 65
Notes Disabled
Full support 65
Notes Disabled
Notes Only support USB U2F tokens
Disabled From version 65: this feature is behind the Web Authentication API preference (needs to be set to true). To change preferences in Chrome, visit chrome://flags.
Edge Full support 18Firefox Full support 60
Notes
Full support 60
Notes
Notes Only support USB U2F tokens
IE ? Opera ? Safari ? WebView Android ? Chrome Android ? Edge Mobile ? Firefox Android ? Opera Android ? Safari iOS ? Samsung Internet Android ?
authenticatorDataChrome Full support 65
Notes Disabled
Full support 65
Notes Disabled
Notes Only support USB U2F tokens
Disabled From version 65: this feature is behind the Web Authentication API preference (needs to be set to true). To change preferences in Chrome, visit chrome://flags.
Edge Full support 18Firefox Full support 60
Notes
Full support 60
Notes
Notes Only support USB U2F tokens
IE ? Opera ? Safari ? WebView Android ? Chrome Android ? Edge Mobile ? Firefox Android ? Opera Android ? Safari iOS ? Samsung Internet Android ?
signatureChrome Full support 65
Notes Disabled
Full support 65
Notes Disabled
Notes Only support USB U2F tokens
Disabled From version 65: this feature is behind the Web Authentication API preference (needs to be set to true). To change preferences in Chrome, visit chrome://flags.
Edge Full support 18Firefox Full support 60
Notes
Full support 60
Notes
Notes Only support USB U2F tokens
IE ? Opera ? Safari ? WebView Android ? Chrome Android ? Edge Mobile ? Firefox Android ? Opera Android ? Safari iOS ? Samsung Internet Android ?
userHandleChrome Full support 65
Notes Disabled
Full support 65
Notes Disabled
Notes Only support USB U2F tokens
Disabled From version 65: this feature is behind the Web Authentication API preference (needs to be set to true). To change preferences in Chrome, visit chrome://flags.
Edge Full support 18Firefox Full support 60
Notes
Full support 60
Notes
Notes Only support USB U2F tokens
IE ? Opera ? Safari ? WebView Android ? Chrome Android ? Edge Mobile ? Firefox Android ? Opera Android ? Safari iOS ? Samsung Internet Android ?

Legend

Full support  
Full support
Compatibility unknown  
Compatibility unknown
See implementation notes.
See implementation notes.
User must explicitly enable this feature.
User must explicitly enable this feature.

Document Tags and Contributors

Contributors to this page: ExE-Boss, apowers313
Last updated by: ExE-Boss,