0
In WWDC 2022 Apple launched GA of Passkeys which will enable FIDO2 authentication in iOS ecosystem, the next gen open standards based authentication mechanism to replace passwords.
On a Relying Party (RP) server supporting FIDO2 when a user registration is initiated, the browser generates a QR code to register a phone as platform authenticator.
I am trying to build an app which opens up a QR scanner view and I want to register for the FIDO credential from the app by scanning the QR code generated by the browser. The parsed string is of the format - FIDO:/090409094349049349.......
What information does this FIDO:/090409094349049349....... url protocol contain relating to the RP? Also, is there a way to decode this in Swift to get that information in json or string format?
Since the camera app on iPhone is able to scan the QR and generate information like RP domain name and user being registered, I believe there should be a way to do this from a QR scanner inside an app as well. Or are these APIs private in nature only for usage of Camera app?