WebAuthn

Web Authentication module

Introduction

Validates Web Authentication assertions.

Configuration

Module name: WebAuthnValidation

Main configuration

The main part of the configuration.

Name

Description

Default

Mandatory

{
  "name": "WebAuthnValidation",
  "config": {
    "namespace": "default",
    "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver",
    "jdbc": {
      "url": "jdbc:sqlserver://<host>:<port>;database=<database>;encrypt=false",
      "username": "<user>",
      "password": "<password>"
    },
    "encryption_key": "<encryption key>",
    "secret_key_directory": "resources/secrets",
    "origin": "https://example.com:443",
    "user_verification_required": true,
    "user_presence_required": true,
    "credential_request_options": {
      "rpId": "example.com",
      "timeout": 60000,
      "userVerification": "preferred"
    }
  }
}

Public Key Credential Request Options (credential_request_options)

This part of the configuration specifies options for the user agent. The configuration is sent from the server to the user agent when the agent begins a new authentication.

The table below describes the parameters involved, as specified by the W3C Recommendation from 8 April 2021 Web Authentication: An API for accessing Public KeyCredentials Level 2. The links refer to the W3C document.

A specification of how the user agent algorithm is determined by this configuration can be found here.

{
  "name": "WebAuthnValidation",
  "config": {
    "namespace": "default",
    "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver",
    "jdbc": {
      "url": "jdbc:sqlserver://<host>:<port>;database=<database>;encrypt=false",
      "username": "<user>",
      "password": "<password>"
    },
    "encryption_key": "<encryption key>",
    "origin": "https://example.com:443",
    "user_verification_required": true,
    "user_presence_required": true,
    "credential_request_options": {
      "rpId": "example.com",
      "timeout": 60000,
      "userVerification": "preferred"
    }
  }
}

NextOATH

Configuration

Module name: WebAuthnValidation

Main configuration

The main part of the configuration.

Name

Description

Default

Mandatory

{
  "name": "WebAuthnValidation",
  "config": {
    "namespace": "default",
    "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver",
    "jdbc": {
      "url": "jdbc:sqlserver://<host>:<port>;database=<database>;encrypt=false",
      "username": "<user>",
      "password": "<password>"
    },
    "encryption_key": "<encryption key>",
    "secret_key_directory": "resources/secrets",
    "origin": "https://example.com:443",
    "user_verification_required": true,
    "user_presence_required": true,
    "credential_request_options": {
      "rpId": "example.com",
      "timeout": 60000,
      "userVerification": "preferred"
    }
  }
}

Public Key Credential Request Options (credential_request_options)

This part of the configuration specifies options for the user agent. The configuration is sent from the server to the user agent when the agent begins a new authentication.

A specification of how the user agent algorithm is determined by this configuration can be found here.

Name

Description

Default

Mandatory

{
  "name": "WebAuthnValidation",
  "config": {
    "namespace": "default",
    "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver",
    "jdbc": {
      "url": "jdbc:sqlserver://<host>:<port>;database=<database>;encrypt=false",
      "username": "<user>",
      "password": "<password>"
    },
    "encryption_key": "<encryption key>",
    "origin": "https://example.com:443",
    "user_verification_required": true,
    "user_presence_required": true,
    "credential_request_options": {
      "rpId": "example.com",
      "timeout": 60000,
      "userVerification": "preferred"
    }
  }
}