W3C home > Mailing lists > Public > public-webauthn@w3.org > March 2020

Re: [webauthn] correct usage of userHandle? (#1385)

From: Sacha Weatherstone via GitHub <sysbot+gh@w3.org>
Date: Sat, 07 Mar 2020 10:58:11 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-596075746-1583578689-sysbot+gh@w3.org>
Great, thanks for the clarification, I am going full username-less so I am doing almost exactly what you mentioned above.
A user can have multiple credentials linked to them, also when a user generates a JWT token, it is linked to the credential that was used to login, so I have full tracking from token-credential-user, hopefully eliminating any incorrect authentication.

-- 
GitHub Notification of comment by sachaw
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1385#issuecomment-596075746 using your GitHub account
Received on Saturday, 7 March 2020 10:58:12 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:40 UTC