PublicKeyCredentialRequestOptions.userVerification
Secure context
This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
userVerification is an optional property of the
PublicKeyCredentialRequestOptions. This is a string which indicates how
the user verification should be part of the authentication process.
Note: An analogous option exists for the creation operation
(navigators.credentials.create()), see
the userVerification property of
PublicKeyCredentialCreationOptions.authenticatorSelection.
Syntax
userVerification = publicKeyCredentialRequestOptions.userVerificationValue
A string qualifying how the user verification should be part of the authentication process. The values may be:
"required": user verification is required, the operation will fail if the response does not have the UV flag (as part ofAuthenticatorAssertionResponse.authenticatorData)"preferred": user verification is preferred, the operation will not fail if the response does not have the UV flag (as part ofAuthenticatorAssertionResponse.authenticatorData)"discouraged": user verification should not be employed as to minimize the user interaction during the process.
The default value is "preferred".
Examples
var options = {
userVerification: "preferred",
challenge: new Uint8Array([/* bytes sent from the server */]),
};
navigator.credentials.get({ "publicKey": options })
.then(function (credentialInfoAssertion) {
// send assertion response back to the server
// to proceed with the control of the credential
}).catch(function (err) {
console.error(err);
});
Specifications
| Specification | Status | Comment |
|---|---|---|
|
Web Authentication: An API for accessing Public Key Credentials Level 1 The definition of 'userVerification' in that specification. |
Recommendation | Initial definition. |
Browser compatibility
BCD tables only load in the browser
See also
PublicKeyCredentialCreationOptions.authenticatorSelectionwhoseuserVerificationproperty serves the same purpose for credential creation.