Secure context

This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The user property of the PublicKeyCredentialCreationOptions dictionary is an object describing the user account for which the credentials are generated (via navigator.credentials.create()).


userAccount = publicKeyCredentialCreationOptions.user


A DOMString which is human readable and intended for display. It may be the full name of the user (e.g. "John Doe"). This is not intended to store the login of the user (see name below).
icon Optional
An URL as a USVString value which points to an image resource which can be the avatar image for the user.
A BufferSource uniquely identifying a given user. This an opaque identifier which can be used by the authenticator to link the user account with its corresponding credentials. This value will later be used when fetching the credentials in AuthenticatorAssertionResponse.userHandle.
A DOMString giving a human-readable name for the user's identifier (e.g. "").This property is intended for display and may be use to distinguish different account with the same displayName.


var publicKey = {
  challenge: new Uint8Array(26) /* this actually is given from the server */,
  rp: {
    name: "Example CORP",
    id  : ""
  user: {
    // To be changed for each user
    id: new Uint8Array.from(window.atob("LAEGMLKJNRLKGNAMLAFALFKA="), c=>c.charCodeAt(0));

    name: "",
    displayName: "John Doe",
    icon: ""
  pubKeyCredParams: [
      type: "public-key",
      alg: -7

navigator.credentials.create({ publicKey })
  .then(function (newCredentialInfo) {
    // send attestation response and client extensions
    // to the server to proceed with the registration
    // of the credential
  }).catch(function (err) {


Web Authentication: An API for accessing Public Key Credentials - Level 3 (Web Authentication)
# dom-publickeycredentialcreationoptions-user

Browser compatibility

BCD tables only load in the browser

See also