- From: Dylan via GitHub <sysbot+gh@w3.org>
- Date: Thu, 19 Aug 2021 18:13:35 +0000
- To: public-webauthn@w3.org
I'm fully aware that my current implementation might be flawed, but I guess what I was hoping to do is ask our server for a challenge and credential IDs as soon as the username/email field is blurred. If IDs come back, it'd be nice to trigger webauthn automatically and get back a failure saying "none of these IDs are here" which also doesn't trigger any native browser UI, so that I don't have to let the user know that we failed trying to do something they didn't even ask for... presumably, he/she/ze already knows that it was going to fail. This is opposed to other errors where maybe it's appropriate to inform the user that we tried but it's not working. Chrome, at least, was still engaging its UI to inform the user that none of the keys provided were available. Given this, I've pushed the webauthn flow to an auxiliary thing. The primary UI is still username/password + maybe OTP, and a button was added for the user to trigger webauthn if they feel like it. -- GitHub Notification of comment by knightcode Please view or discuss this issue at https://github.com/w3c/webauthn/issues/151#issuecomment-902134133 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 19 August 2021 18:13:37 UTC