You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the Note that PR #1326 inserts into the spec explains the purpose of the UV gesture solicited in the authenticatorMakeCredential() operation when there are match(es) in the |excludeCredentialDescriptorList|. Essentially, we're explaining in the (new) Note that: "if the RP gets an invalidStateError back from a nav.creds.Create() call, they can do something user-helpful with that info".
However, this guidance for the RP is buried in "Note:"s in spec sections that we are not suggesting RP devs read (i.e., in the spec roadmap).
Additionally, our "RP Ops - registering a new cred" section only says "abort the ceremony with a user-visible error" if an error is returned from Create().