Skip to content

Commit

Permalink
Provide a reference for RP implementors as to what errors might be av…
Browse files Browse the repository at this point in the history 
…ailable during WebAuthn create/get ceremonies
  • Loading branch information
@sbweeden
sbweeden committed Oct 20, 2020
1 parent 5c9a9a7 commit 16b729a
Showing 1 changed file with 7 additions and 2 deletions.
9 changes: 7 additions & 2 deletions index.bs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4360,7 +4360,10 @@ In order to perform a [=registration ceremony=], the [=[RP]=] MUST proceed as fo
1. Call {{CredentialsContainer/create()|navigator.credentials.create()}} and pass |options|
as the <code>{{CredentialCreationOptions/publicKey}}</code> option.
Let |credential| be the result of the successfully resolved promise.
If the promise is rejected, abort the ceremony with a user-visible error.
If the promise is rejected, abort the ceremony with a user-visible error, or otherwise guide the user experience as
might be determinable from the context available in the rejected promise. For example if the promise is rejected with
an error code equivalent to "{{InvalidStateError}}", the user might be instructed to use a different [=authenticator=].
For information on different error contexts and the circumstances leading to them, see [=authenticatorMakeCredential=].

1. Let |response| be <code>|credential|.{{PublicKeyCredential/response}}</code>.
If |response| is not an instance of {{AuthenticatorAttestationResponse}}, abort the ceremony with a user-visible error.
Expand Down Expand Up @@ -4497,7 +4500,9 @@ In order to perform an [=authentication ceremony=], the [=[RP]=] MUST proceed as
1. Call {{CredentialsContainer/get()|navigator.credentials.get()}} and pass |options|
as the <code>{{CredentialRequestOptions/publicKey}}</code> option.
Let |credential| be the result of the successfully resolved promise.
If the promise is rejected, abort the ceremony with a user-visible error.
If the promise is rejected, abort the ceremony with a user-visible error, or otherwise guide the user experience as might
be determinable from the context available in the rejected promise. For information on different error contexts and the
circumstances leading to them, see [=authenticatorGetAssertion=].

1. Let |response| be <code>|credential|.{{PublicKeyCredential/response}}</code>.
If |response| is not an instance of {{AuthenticatorAssertionResponse}}, abort the ceremony with a user-visible error.
Expand Down

0 comments on commit 16b729a

Please sign in to comment.