Secure context

This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The rpId property, of the PublicKeyCredentialRequestOptions dictionary, is an optional property which indicates the relying party's identifier as a USVString. Its value can only be a suffix of the current origin's domain. For example, if you are browsing on, the rpId value may be "" but not "" or "".

This property is optional. If it is not explicitly provided, the user agent will use the value of the current origin's domain.

Note: An analogous option exists for the creation operation (navigators.credentials.create()), see the id property of PublicKeyCredentialCreationOptions.rp.


rpId = publicKeyCredentialRequestOptions.rpId


A USVString for the identifier of the relying party. Its value can only be a suffix of the current origin's domain.


var options = {
  challenge: new Uint8Array([/* bytes sent from the server */]),
  rpId: "" // will only work if the current domain
                      // is something like

navigator.credentials.get({ "publicKey": options })
    .then(function (credentialInfoAssertion) {
    // send assertion response back to the server
    // to proceed with the control of the credential
}).catch(function (err) {


Web Authentication: An API for accessing Public Key Credentials - Level 3 (Web Authentication)
# dom-publickeycredentialrequestoptions-rpid

Browser compatibility

BCD tables only load in the browser

See also