fix: WebAuthn credential listing/removal not working for non-primary WebAuthn users and multiple linked WebAuthn users #1024
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Updated the `listCredentialsGET` function to handle cases where the WebAuthn user is not the primary user and when multiple WebAuthn users are linked.
Deploying supertokens-node-pr-check-for-edge-function-compat with
|
| Latest commit: |
90f2b84
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://9b71e659.supertokens-node-b95.pages.dev |
|
✅ No documentation updates required. |
# Conflicts: # CHANGELOG.md # lib/build/recipe/webauthn/api/implementation.js # lib/ts/recipe/webauthn/api/implementation.ts
…ebauthn user is not primary
coolbueb
changed the title
porcellus
approved these changes
Jul 30, 2025
…sting-multiple-users
namsnath
added a commit
to supertokens/supertokens-python
that referenced
this pull request
Aug 6, 2025
namsnath
added a commit
to supertokens/supertokens-python
that referenced
this pull request
Aug 21, 2025
namsnath
added a commit
to supertokens/supertokens-python
that referenced
this pull request
Aug 21, 2025
- Adds list/remove credential endpoints for webauthn - Updates FDI to support 4.2 - Changes MFA and Session handling in webauthn - Prevents removal of WebAuthn credentials unless all session claims are satisfied - Changes how sessions are fetched when listing/removing/registering Webauthn credentials - Asserts MFA claims during credential registration/removal - Fixes Webauthn credential listing and removal to work even when the Webauthn user is not the primary user and when there are multiple linked Webauthn users ref: supertokens/supertokens-node#1023, supertokens/supertokens-node#1024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
listCredentialsGETfunction to handle cases where the WebAuthn user is not the primary user and when multiple WebAuthn users are linked.Summary of change
(A few sentences about this PR)
Related issues
Test Plan
(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Bonus points for screenshots and videos!)
Documentation changes
(If relevant, please create a PR in our docs repo, or create a checklist here highlighting the necessary changes)
Checklist for important updates
coreDriverInterfaceSupported.jsonfile has been updated (if needed)lib/ts/version.tsfrontendDriverInterfaceSupported.jsonfile has been updated (if needed)package.jsonpackage-lock.jsonlib/ts/version.tsnpm run build-prettyrecipe/thirdparty/providers/configUtils.tsfile,createProviderfunction.git tag) in the formatvX.Y.Z, and then find the latest branch (git branch --all) whoseX.Yis greater than the latest released tag.add-ts-no-check.jsfile to include thatsomeFunc: function () {..}).exportsinpackage.jsonRemaining TODOs for this PR