# Public Key Credential Creation Options (credential\_creation\_options)

This configuration specifies the desired attributes of a to-be-created credential. The configuration is sent from the server to the user agent when the agent requests a new public key credential.

The table below describes the parameters involved, as specified by the W3C Recommendation from 8 April 2021 [Web Authentication: An API for accessing Public KeyCredentials Level 2](https://www.w3.org/TR/webauthn-2/).  The links refer to the W3C document.

A specification of how the user agent algorithm is determined by this configuration can be found [here](https://www.w3.org/TR/webauthn-2/#sctn-createCredential).

{% tabs %}
{% tab title="Properties" %}

<table><thead><tr><th width="390">Name</th><th width="141">Description</th><th width="121">Default</th><th data-type="checkbox">Mandatory</th></tr></thead><tbody><tr><td><a href="https://www.w3.org/TR/webauthn-2/#webauthn-relying-party">rp</a></td><td>Relying Party</td><td></td><td>true</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#relying-party-identifier">rp.id</a></td><td>Relying Party ID</td><td></td><td>true</td></tr><tr><td>rp.name</td><td>Relying Party name</td><td></td><td>true</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialcreationoptions-pubkeycredparams">pubKeyCredParams</a></td><td>Public Key Credential parameters</td><td></td><td>true</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#dictionary-credential-params">pubKeyCredParams[].type</a></td><td>Credential type ("public-key")</td><td></td><td>true</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#dictionary-credential-params">pubKeyCredParams[].alg</a></td><td><a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">Cryptographic algorithm</a></td><td></td><td>true</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialcreationoptions-timeout">timeout</a></td><td>Recommended client side timeout</td><td><a href="https://www.w3.org/TR/webauthn-2/#sctn-createCredential">See step 4.</a></td><td>false</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#dictdef-authenticatorselectioncriteria">authenticatorSelection</a></td><td>Required authenticator attributes</td><td></td><td>false</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-requireresidentkey">authenticatorSelection.requireResidentKey</a></td><td></td><td><a href="https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-requireresidentkey">ref</a></td><td>false</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-residentkey">authenticatorSelection.residentKey</a></td><td></td><td><a href="https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-residentkey">ref</a></td><td>false</td></tr><tr><td><a href="https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-userverification">authenticatorSelection.userVerification</a></td><td></td><td>"preferred"</td><td>false</td></tr></tbody></table>

{% endtab %}

{% tab title="Example" %}

```json
{
  "name": "TokensDb",
  "config": {
    "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver",
    "jdbc": {
      "url": "jdbc:sqlserver://172.16.238.15:1433;database=fortifiedid_tokens;encrypt=false",
      "username": "sa",
      "password": "yourStrong(!)Password"
    },
    "namespace": "default",
    "secret_key_directory": "resources/secrets",
    "encryption_key": "secret secret",
    "maintenance_batch_size": 31,
    "inactive_token_duration": "PT5M",
    "otp_cache_max_age_seconds": 3600,
    "oathsw": {
      "enabled": false
    },
    "oathhw": {
      "enabled": false
    },
    "webauthn": {
      "enabled": true,
      "origin": "http://example.org:80",
      "user_verification_required": true,
      "user_presence_required": true,
      "credential_creation_options": {
        "rp": {
          "id": "example.org",
          "name": "Example Org."
        },
        "pubKeyCredParams": [
          {
            "type": "public-key",
            "alg": -7
          },
          {
            "type": "public-key",
            "alg": -35
          },
          {
            "type": "public-key",
            "alg": -36
          },
          {
            "type": "public-key",
            "alg": -257
          },
          {
            "type": "public-key",
            "alg": -258
          },
          {
            "type": "public-key",
            "alg": -259
          }
        ],
        "timeout": 60000,
        "authenticatorSelection": {
          "requireResidentKey": false,
          "residentKey": "preferred",
          "userVerification": "preferred"
        }
      }
    }
  }
}

```

{% endtab %}
{% endtabs %}