Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.
Edit

Cross Origin Authentication

Please refer to this page to know more about the Cross Origin Authentication.

Configuration

The configuration of the allowed domains can be done as follows.

config/packages/webauthn.yaml
webauthn:
    allowed_origins:
        - 'https://acme.com'
        - 'https://acme.fr'
        - 'android:apk-key-hash://your-app-hash'
        - 'ios:bundle-id://your.bundle.id'
    allow_subdomains: true

Allowed Origins Endpoint

When the allowed_origins parameter is set, the path /.well-known/webauthn is enabled. This path returns a JSON object with allowed domains.

PreviousAuthenticator CounterNextClient Override Policy

Last updated

Was this helpful?