PublicKeyCredentialRequestOptions.userVerification
Secure context
This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
userVerification
is an optional property of the
PublicKeyCredentialRequestOptions
. This is a string which indicates how
the user verification should be part of the authentication process.
Note: An analogous option exists for the creation operation
(navigators.credentials.create()
), see
the userVerification
property of
PublicKeyCredentialCreationOptions.authenticatorSelection
.
Syntax
userVerification = publicKeyCredentialRequestOptions.userVerification
Value
A string qualifying how the user verification should be part of the authentication process. The values may be:
"required"
: user verification is required, the operation will fail if the response does not have the UV flag (as part ofAuthenticatorAssertionResponse.authenticatorData
)"preferred"
: user verification is preferred, the operation will not fail if the response does not have the UV flag (as part ofAuthenticatorAssertionResponse.authenticatorData
)"discouraged"
: user verification should not be employed as to minimize the user interaction during the process.
The default value is "preferred"
.
Examples
var options = {
userVerification: "preferred",
challenge: new Uint8Array([/* bytes sent from the server */]),
};
navigator.credentials.get({ "publicKey": options })
.then(function (credentialInfoAssertion) {
// send assertion response back to the server
// to proceed with the control of the credential
}).catch(function (err) {
console.error(err);
});
Specifications
Specification | Status | Comment |
---|---|---|
Web Authentication: An API for accessing Public Key Credentials Level 1 The definition of 'userVerification' in that specification. |
Recommendation | Initial definition. |
Browser compatibility
BCD tables only load in the browser
See also
PublicKeyCredentialCreationOptions.authenticatorSelection
whoseuserVerification
property serves the same purpose for credential creation.