So, for the sake of clarity - as of now if I want to replicate the stock Camera app's behavior to register and login to a FIDO2 based RP in a custom app, that is not possible?
Post
Replies
Boosts
Views
Activity
Could you please help me with the 'hand that off to the system' part? As in how to pass off the data captured using a custom QR code scanner built using AVCaptureSession to the system?
Thanks @garrett-davidson . Will have a look at the documentation and give it a try!
Thanks @codecomet . Could you also please let me know a generic user experience for a third-party passkey provider? If we goto 'https://webauthn.io' and click on Register. What happens next? Do we scan the QR code generated by the browser using the iPhone Camera app and then OS prompts for our app to generate passkey instead of it doing the same?
Thank you @codecomet . So, if I understand it correctly, there is no proximity involved in the case of third party provider model too similar to iCloud Keychain. Is that correct? In a way, it solves the password problem but doesnt match up to FIDO Alliance's CTAP specs looks like I think.
Hi @Incogn1to . If those bits 3-5 which pertain to backup eligibility and backup state are set to 1 for it to work on iOS, does that mean the passkey generated will get synced to a different iPhone/iOS device via iCloud Keychain for the same apple id?
Thanks @garrett-davidson . So from what I understand, since the attestation formats for passkeys are not defined in the specs yet, Apple doesnt support or rather doesnt need the attestation statement to be sent as part of passkey registration response to the Relying Party. Is that understanding correct? On a curious note, can you please throw some light on as to by when we can expect attestation formats for passkeys to be part of the specs which is currently being worked on in the FIDO Alliance?
@malleswari how did you resolve this issue?