You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If options.authenticatorSelection is present, for each authenticator...
However, if options.authenticatorSelection is not present, we will not invoke any authenticators, which will likely make the user sad.
Given that we need to pass options.authenticatorSelection.requireResidentKey and options.authenticatorSelection.requireUserVerification to authenticatorMakeCredential(), perhaps we should make authenticatorSelection a required member of MakePublicKeyCredentialOptions ? (unless I'm misunderstanding things...?)
The text was updated successfully, but these errors were encountered:
I support making options.authenticatorSelection required and default to {}. Then we can also get rid of the "If authenticatorSelection is present" branch, and the descriptions of requireResidentKey and requireUserVerification in authenticatorMakeCredential won't describe possibly undefined behaviour. I suppose it would technically be a breaking change to how credentials.create() is implemented, but it wouldn't at all affect observable behaviour or the API on either end.
The current step 18 of #createCredential alg says:
However, if
options.authenticatorSelection
is not present, we will not invoke any authenticators, which will likely make the user sad.Given that we need to pass
options.authenticatorSelection.requireResidentKey
andoptions.authenticatorSelection.requireUserVerification
toauthenticatorMakeCredential()
, perhaps we should makeauthenticatorSelection
arequired
member ofMakePublicKeyCredentialOptions
? (unless I'm misunderstanding things...?)The text was updated successfully, but these errors were encountered: