Idea ID: 2873792

webauthn Paramters for FIDO2 Method

Status : New Idea

It would be beneficial to have the ability to set some optional webauthn parameters. In particular, the UserVerficationRequirement would be configurable to allow for the changing of the default behavior for FIDO2 tokens to require a "device pin" to protect the FIDO2 credential(s). By setting this parameter to discourage we could avoid requiring the device pin from being used/required and enhancing the user experience if desired.

https://www.w3.org/TR/webauthn-2/#enum-userVerificationRequirement

I would think this would be best set at the method level for FIDO2 under Custom Settings like Micro Focus does with other methods.

Labels:

AAF
Configuration