Re: [webauthn] Prevent browsers from deleting credentials that the RP wanted to be server-side (#1569) from Akshay Kumar via GitHub on 2025-07-17 (public-webauthn@w3.org from July 2025)

From: Akshay Kumar via GitHub <noreply@w3.org>
Date: Thu, 17 Jul 2025 04:42:39 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-3082473117-1752727357-noreply@w3.org>

> > * RP can rely on InvalidStateError as a signal that there already exist a credential for the user.
> 
> Is that guaranteed? I asked at [#1566](https://github.com/w3c/webauthn/issues/1566) and it was closed without resolving this.

Yes. I think https://github.com/w3c/webauthn/pull/2047 added this to the spec.

-- 
GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1569#issuecomment-3082473117 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 17 July 2025 04:42:40 UTC