config/packages/security.yamlfile that looks like as follow:
/login/options: to create the request options (
/login: to submit the assertion response (
defaultprofile is used (see
request_profilesin the Configuration References). You may have created a request profile in the bundle configuration. You can use this profile instead of the default one.
/register/options: to create the creation options (POST only)
/register: to submit the attestation response (POST only)
IS_USER_PRESENT: the user was present during the authentication ceremony. This attribute is usually set to
IS_USER_VERIFIED: the user was verified by the authenticator. Verification may be performed by several means including biometrics ones (fingerprint, iris, facial recognition…).
ROLE_ADMINand that have been verified during the ceremony.
options_pathduring the authentication process. The default Request Options Handler is
Webauthn\Bundle\Security\Handler\DefaultRequestOptionsHandler. It returns a JSON Response with the Public Key Credential Request Options objects in its body.
Webauthn\Bundle\Security\Handler\RequestOptionsHandlerand be declared as a service.
Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterfaceand be declared as a container service.
Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterfaceand be declared as a container service.