AuthenticatorAttestationResponse

Baseline Widely available *

This feature is well established and works across many devices and browser versions. It’s been available across browsers since September 2021.

* Some parts of this feature may have varying levels of support.

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The AuthenticatorAttestationResponse interface of the Web Authentication API is the result of a WebAuthn credential registration. It contains information about the credential that the server needs to perform WebAuthn assertions, such as its credential ID and public key.

An AuthenticatorAttestationResponse object instance is available in the response property of a PublicKeyCredential object returned by a successful CredentialsContainer.create() call.

This interface inherits from AuthenticatorResponse.

AuthenticatorResponse AuthenticatorAttestationResponse

Note: This interface is restricted to top-level contexts. Use of its features from within an <iframe> element will not have any effect.

Instance properties

Also inherits properties from its parent, AuthenticatorResponse.

AuthenticatorAttestationResponse.attestationObject Read only

An ArrayBuffer containing authenticator data and an attestation statement for a new key pair generated by the authenticator.

AuthenticatorResponse.clientDataJSON Read only

Inherited from AuthenticatorResponse, this property contains the JSON-compatible serialization of the data passed from the browser to the authenticator in order to generate this credential — i.e., when CredentialsContainer.create() is called with a publicKey option. This data contains some information from the options passed into the create() call, and some information controlled by the browser.

Instance methods

AuthenticatorAttestationResponse.getAuthenticatorData()

Returns an ArrayBuffer containing the authenticator data contained within the AuthenticatorAttestationResponse.attestationObject property.

AuthenticatorAttestationResponse.getPublicKey()

Returns an ArrayBuffer containing the DER SubjectPublicKeyInfo of the new credential (see Subject Public Key Info), or null if this is not available.

AuthenticatorAttestationResponse.getPublicKeyAlgorithm()

Returns a number that is equal to a COSE Algorithm Identifier, representing the cryptographic algorithm used for the new credential.

AuthenticatorAttestationResponse.getTransports()

Returns an array of strings describing which transport methods (e.g., usb, nfc) are believed to be supported with the authenticator. The array may be empty if the information is not available.

Examples

Specifications

Specification
Web Authentication: An API for accessing Public Key Credentials - Level 3
# authenticatorattestationresponse

Browser compatibility

Report problems with this compatibility data on GitHub
desktopmobile
Chrome
Edge
Firefox
Opera
Safari
Chrome Android
Firefox for Android
Opera Android
Safari on iOS
Samsung Internet
WebView Android
WebView on iOS
AuthenticatorAttestationResponse
attestationObject
getAuthenticatorData
getPublicKey
getPublicKeyAlgorithm
getTransports

Legend

Tip: you can click/tap on a cell for more information.

Full support
Full support
Partial support
Partial support
No support
No support
See implementation notes.
Has more compatibility info.

See also