W3C home > Mailing lists > Public > public-webauthn@w3.org > March 2020

[webauthn] correct usage of userHandle? (#1385)

From: Sacha Weatherstone via GitHub <sysbot+gh@w3.org>
Date: Fri, 06 Mar 2020 22:57:36 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-577219050-1583535455-sysbot+gh@w3.org>
sachaw has just created a new issue for https://github.com/w3c/webauthn:

== correct usage of userHandle? ==
I am trying to implement WebAuthn, and am unsure how the userHandle attribute should be, as there seems to be some conflicting information.
Should userHandle be uniquely identifying to both the user and credential, or just the user (i.e. have a unique identifier for a given credential or just use the users id for the userHandle attribute)
also, why would it not be ok to use the credentialId as the unique identifier for a credential in my database, and use that to identify the credential and lookup the user.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1385 using your GitHub account
Received on Friday, 6 March 2020 22:57:38 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:40 UTC