Extensions

The mechanism for generating public key credentials, as well as requesting and generating Authentication assertions, can be extended to suit particular use cases. Each case is addressed by defining a registration extension.

Standard extensions are usually listed in the dedicated IANA Registry available at https://www.iana.org/assignments/webauthn/webauthn.xhtml

Among the available extensions, you have:

  • loc: The location registration extension and authentication extension provides the client device's current location to the WebAuthn Relying Party, if supported by the client platform and subject to user consent.

  • hmac-secret: This registration extension and authentication extension enables the platform to retrieve a symmetric secret scoped to the credential from the authenticator.

  • minPinLength: This registration extension returns the current minimum PIN length value to the Relying Party.

Last updated

Was this helpful?