AuthenticatorAttestationResponse

This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

When a WebAuthn authenticator creates a new PublicKeyCredential via a create() call, the PublicKeyCredential.response value will be an AuthenticatorAttestationResponse object. This object contains two properties: 1) a clientDataJSON property inherited from AuthenticatorResponse; and 2) an attestationObject that is an authenticator's way of providing a root of trust for the newly created keypair.

Properties

AuthenticatorAttestationResponse.clientDataJSON
Inherited from AuthenticatorResponse.clientDataJSON. Includes the client data for the authentication, such as origin and challenge.
AuthenticatorAttestationResponse.attestationObject
An authenticator's cryptographic attestation that a newly generated keypair was created by that authenticator.

Methods

None.

Examples

TBD

Specifications

Specification Status Comment
Web Authentication: An API for accessing Public Key Credentials Level 1 Candidate Recommendation Initial definition.

Browser compatibility

FeatureChromeEdgeFirefoxInternet ExplorerOperaSafari
Basic support651 2 ?601 ? ? ?
attestationObject651 2 ?601 ? ? ?
FeatureAndroid webviewChrome for AndroidEdge mobileFirefox for AndroidOpera AndroidiOS SafariSamsung Internet
Basic support ? ? ? ? ? ? ?
attestationObject ? ? ? ? ? ? ?

1. Only support USB U2F tokens

2. From version 65: this feature is behind the Web Authentication API preference (needs to be set to true). To change preferences in Chrome, visit chrome://flags.

Document Tags and Contributors

Contributors to this page: ExE-Boss, apowers313
Last updated by: ExE-Boss,