When a WebAuthn authenticator peforms an authentication via the get() call, the result is a new PublicKeyCredential, the
PublicKeyCredential.response value will be an AuthenticatorAssertionResponse object. This object contains both the client data (i.e. - browser data) for the authentication as well as the data from the authenticator to cryptographically prove that the authentication is valid.
- Inherited from
AuthenticatorResponse.clientDataJSON. Includes the client data for the authentication, such as origin and challenge.
- An ArrayBuffer containing information from the authenticator such as the Relying Party ID Hash (rpIdHash), a signature counter, test of user presence and user verification flags, and any extensions processed by the authenticator. This is one of the two fields that is signed over by the authenticator.
- A assertion signature over
AuthenticatorResponse.clientDataJSON. The assertion signature is created with the private key of keypair that was created during the create() call and verified using the public key of that same keypair.
- An ArrayBuffer containing an opaque user identifier.
|Web Authentication: An API for accessing Public Key Credentials Level 1||Candidate Recommendation||Initial definition.|
|Basic support||651 2||?||601||?||?||?|
|Feature||Android webview||Chrome for Android||Edge mobile||Firefox for Android||Opera Android||iOS Safari||Samsung Internet|
1. Only support USB U2F tokens
2. From version 65: this feature is behind the
Web Authentication API preference (needs to be set to
true). To change preferences in Chrome, visit chrome://flags.