When a WebAuthn authenticator peforms an authentication via the get() call, the result is a new PublicKeyCredential, the
PublicKeyCredential.response value will be an AuthenticatorAssertionResponse object. This object contains both the client data (i.e. - browser data) for the authentication as well as the data from the authenticator to cryptographically prove that the authentication is valid.
- Inherited from
AuthenticatorResponse.clientDataJSON. Includes the client data for the authentication, such as origin and challenge.
- An ArrayBuffer containing information from the authenticator such as the Relying Party ID Hash (rpIdHash), a signature counter, test of user presence and user verification flags, and any extensions processed by the authenticator. This is one of the two fields that is signed over by the authenticator.
- A assertion signature over
AuthenticatorResponse.clientDataJSON. The assertion signature is created with the private key of keypair that was created during the create() call and verified using the public key of that same keypair.
- An ArrayBuffer containing an opaque user identifier.
|Web Authentication Level 1||Working Draft||Initial definition.|
We're converting our compatibility data into a machine-readable JSON format. This compatibility table still uses the old format, because we haven't yet converted the data it contains. Find out how you can help!
|Feature||Chrome||Firefox (Gecko)||Internet Explorer||Opera||Safari (WebKit)|
|Basic support||Nightly build||Nightly build||No support||No support||No support|
|Feature||Android Webview||Chrome for Android||Firefox Mobile (Gecko)||Firefox OS||IE Phone||Opera Mobile||Safari Mobile|
|Basic support||No support||Nightly build||No support||No support||No support||No support||No support|