Public Key Credential Creation Options (credential_creation_options)

This configuration specifies the desired attributes of a to-be-created credential. The configuration is sent from the server to the user agent when the agent requests a new public key credential.

The table below describes the parameters involved, as specified by the W3C Recommendation from 8 April 2021 Web Authentication: An API for accessing Public KeyCredentials Level 2. The links refer to the W3C document.

A specification of how the user agent algorithm is determined by this configuration can be found here.

Name

Description

Default

Mandatory

{
  "name": "TokensDb",
  "config": {
    "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver",
    "jdbc": {
      "url": "jdbc:sqlserver://172.16.238.15:1433;database=fortifiedid_tokens;encrypt=false",
      "username": "sa",
      "password": "yourStrong(!)Password"
    },
    "namespace": "default",
    "secret_key_directory": "resources/secrets",
    "encryption_key": "secret secret",
    "maintenance_batch_size": 31,
    "inactive_token_duration": "PT5M",
    "otp_cache_max_age_seconds": 3600,
    "oathsw": {
      "enabled": false
    },
    "oathhw": {
      "enabled": false
    },
    "webauthn": {
      "enabled": true,
      "origin": "http://example.org:80",
      "user_verification_required": true,
      "user_presence_required": true,
      "credential_creation_options": {
        "rp": {
          "id": "example.org",
          "name": "Example Org."
        },
        "pubKeyCredParams": [
          {
            "type": "public-key",
            "alg": -7
          },
          {
            "type": "public-key",
            "alg": -35
          },
          {
            "type": "public-key",
            "alg": -36
          },
          {
            "type": "public-key",
            "alg": -257
          },
          {
            "type": "public-key",
            "alg": -258
          },
          {
            "type": "public-key",
            "alg": -259
          }
        ],
        "timeout": 60000,
        "authenticatorSelection": {
          "requireResidentKey": false,
          "residentKey": "preferred",
          "userVerification": "preferred"
        }
      }
    }
  }
}

PreviousPasskey (webauthn)NextOther modules

Last updated 10 months ago

Name

Description

Default

Mandatory

{ "name": "TokensDb", "config": { "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver", "jdbc": { "url": "jdbc:sqlserver://172.16.238.15:1433;database=fortifiedid_tokens;encrypt=false", "username": "sa", "password": "yourStrong(!)Password" }, "namespace": "default", "secret_key_directory": "resources/secrets", "encryption_key": "secret secret", "maintenance_batch_size": 31, "inactive_token_duration": "PT5M", "otp_cache_max_age_seconds": 3600, "oathsw": { "enabled": false }, "oathhw": { "enabled": false }, "webauthn": { "enabled": true, "origin": "http://example.org:80", "user_verification_required": true, "user_presence_required": true, "credential_creation_options": { "rp": { "id": "example.org", "name": "Example Org." }, "pubKeyCredParams": [ { "type": "public-key", "alg": -7 }, { "type": "public-key", "alg": -35 }, { "type": "public-key", "alg": -36 }, { "type": "public-key", "alg": -257 }, { "type": "public-key", "alg": -258 }, { "type": "public-key", "alg": -259 } ], "timeout": 60000, "authenticatorSelection": { "requireResidentKey": false, "residentKey": "preferred", "userVerification": "preferred" } } } } }