W3C home > Mailing lists > Public > public-webauthn@w3.org > April 2018

Re: [webauthn] What is the point of `allowCredentials`?

From: Ackermann Yuriy via GitHub <sysbot+gh@w3.org>
Date: Thu, 12 Apr 2018 17:25:43 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-380882879-1523553941-sysbot+gh@w3.org>
@subyraman allowCredentials is used to provide authenticator with exact credential you want assertion from, and it is essential as FIDO2 supports 2FA-only mode, as it requires exact credID to be presented. Same applies for U2F.

-- 
GitHub Notification of comment by herrjemand
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/867#issuecomment-380882879 using your GitHub account
Received on Thursday, 12 April 2018 17:25:45 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:32 UTC