Re: [webauthn] Support a "create or get [or replace]" credential re-association operation (#1568) from Akshay Kumar via GitHub on 2025-07-09 (public-webauthn@w3.org from July 2025)

From: Akshay Kumar via GitHub <noreply@w3.org>
Date: Wed, 09 Jul 2025 20:56:14 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-3053979145-1752094571-noreply@w3.org>

I don't understand your workflow. 

> If I do get and user aborts, then I might prompt the user to register a key
Like registering a key without even knowing who the user is? 

Is that a signup account flow or existing user flow? It that is an existing user flow, you need to authenticate a user before associating the key with an account. If this is a signup flow also, then presumly you can create a new userID. 

WebAuthn is not designed to work without having a user account on the RP side. 




-- 
GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1568#issuecomment-3053979145 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 9 July 2025 20:56:15 UTC