# Advanced Behaviors

This section covers advanced WebAuthn features and customization options for Symfony Bundle implementations.

## Overview

The Symfony WebAuthn Bundle provides sensible defaults for most applications. However, you can customize various behaviors to meet specific security requirements or enhance user experience.

## Available Topics

### Security Features

* [**Fake Credentials**](/symfony-bundle/advanced-behaviors/fake-credentials.md) - Prevent user enumeration attacks with fake credentials
* [**Authenticator Counter**](/symfony-bundle/advanced-behaviors/authenticator-counter.md) - Detect cloned authenticators
* [**Attestation and Metadata Statement**](/symfony-bundle/advanced-behaviors/attestation-and-metadata-statement.md) - Verify authenticator trust
* [**Debugging**](/symfony-bundle/advanced-behaviors/debugging.md) - Enable debug logging for troubleshooting

### User Experience

* [**User Verification**](/symfony-bundle/advanced-behaviors/user-verification.md) - Configure biometric or PIN requirements
* [**Authenticator Selection Criteria**](/symfony-bundle/advanced-behaviors/authenticator-selection-criteria.md) - Control authenticator types
* [**Authentication without Username**](/symfony-bundle/advanced-behaviors/authentication-without-username.md) - Passwordless authentication with resident keys
* [**Register Additional Authenticators**](/symfony-bundle/advanced-behaviors/register-authenticators.md) - Allow users to add backup authenticators

### Policy & Discovery

* [**Client Override Policy**](/symfony-bundle/advanced-behaviors/client-override-policy.md) - Control which options clients can override (new in 5.3.0)
* [**Passkey Endpoints**](/symfony-bundle/advanced-behaviors/passkey-endpoints.md) - Expose .well-known/passkey-endpoints discovery (new in 5.3.0)

### Technical Configuration

* [**Extensions**](/symfony-bundle/advanced-behaviors/extensions.md) - Use WebAuthn protocol extensions
* [**Cross Origin Authentication**](/symfony-bundle/advanced-behaviors/cross-origin-authentication.md) - Development environment configuration

## Configuration vs Code

The Symfony Bundle allows configuration through:

1. **YAML Configuration** - Most settings can be configured in `config/packages/webauthn.yaml`
2. **Custom Services** - Advanced behaviors require creating custom service classes
3. **Event Listeners** - Hook into the authentication process with Symfony events

## Symfony-Specific Features

The bundle provides several Symfony-specific features not available in pure PHP:

* **Firewall Integration** - Seamless integration with Symfony Security
* **Dependency Injection** - All services available through the service container
* **Configuration Profiles** - Multiple authentication profiles for different use cases
* **Event System** - React to WebAuthn events throughout your application

## Quick Configuration Example

Here's a common advanced configuration:

{% code title="config/packages/webauthn.yaml" lineNumbers="true" %}

```yaml
webauthn:
    credential_repository: 'App\Repository\WebauthnCredentialRepository'
    user_repository: 'App\Repository\UserRepository'

    # Enable debugging in development
    logger: 'monolog.logger'

    # Custom counter checker to detect cloned authenticators
    counter_checker: 'App\Security\CustomCounterChecker'

    creation_profiles:
        default:
            rp:
                name: 'My Application'
                id: 'example.com'

            # Require resident keys for passwordless auth
            authenticator_selection_criteria:
                authenticator_attachment: !php/const Webauthn\AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_PLATFORM
                require_resident_key: true
                user_verification: !php/const Webauthn\AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_REQUIRED

    request_profiles:
        default:
            rp_id: 'example.com'
            user_verification: !php/const Webauthn\AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_PREFERRED
```

{% endcode %}

## See Also

* [Firewall Configuration](/symfony-bundle/firewall.md) - Basic Symfony Security setup
* [Configuration References](/symfony-bundle/configuration-references.md) - Complete configuration options
* [Pure PHP Advanced Behaviours](/pure-php/advanced-behaviours.md) - Framework-agnostic implementations

{% hint style="info" %}
Start with the basic bundle setup in [Bundle Installation](/symfony-bundle/bundle-installation.md) before diving into advanced behaviors.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://webauthn-doc.spomky-labs.com/symfony-bundle/advanced-behaviors.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.