You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I may be misunderstanding how WebAuthentication works but I believe you should be able to request authentication options without having to provide the user's ID. This would result in request options that omit allowCredentials which from my understanding isn't required.
Forcing the user to provide an email prevents workflows like WebAuthn conditional UI and from what I can tell should only be used for things like 2FA or re-authenticating a specific user. I found this page helpful in explaining this: https://web.dev/articles/webauthn-discoverable-credentials#allow-credentials
Ideally, we should be able to omit the username when requesting /webauthn/authenticate/options which would, in turn, omit allowCredentials. I think it's still valuable to have an email-conditional flow to perform functions like re-authentication.
The text was updated successfully, but these errors were encountered:
EdgeDB Version: 5.0-beta2
I may be misunderstanding how WebAuthentication works but I believe you should be able to request authentication options without having to provide the user's ID. This would result in request options that omit
allowCredentialswhich from my understanding isn't required.Forcing the user to provide an email prevents workflows like WebAuthn conditional UI and from what I can tell should only be used for things like 2FA or re-authenticating a specific user. I found this page helpful in explaining this: https://web.dev/articles/webauthn-discoverable-credentials#allow-credentials
Ideally, we should be able to omit the username when requesting
/webauthn/authenticate/optionswhich would, in turn, omitallowCredentials. I think it's still valuable to have an email-conditional flow to perform functions like re-authentication.The text was updated successfully, but these errors were encountered: