WebAuthn
Web Authentication module
Introduction
Validates Web Authentication assertions.
Configuration
Main configuration
The main part of the configuration.
namespace
Modules within the same namespace belong together.
db_driver
Database driver, fully qualified class name
jdbc.url
JDBC URL
jdbc.username
JDBC username
jdbc.password
JDBC password
secret_key_directory
Search path for secrets
encryption_key
origin
user_verification_required
user_presence_required
credential_request_options
Options for creating new passkeys, see below.
{
  "name": "WebAuthnValidation",
  "config": {
    "namespace": "default",
    "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver",
    "jdbc": {
      "url": "jdbc:sqlserver://<host>:<port>;database=<database>;encrypt=false",
      "username": "<user>",
      "password": "<password>"
    },
    "encryption_key": "<encryption key>",
    "secret_key_directory": "resources/secrets",
    "origin": "https://example.com:443",
    "user_verification_required": true,
    "user_presence_required": true,
    "credential_request_options": {
      "rpId": "example.com",
      "timeout": 60000,
      "userVerification": "preferred"
    }
  }
}

Public Key Credential Request Options (credential_request_options)
This part of the configuration specifies options for the user agent. The configuration is sent from the server to the user agent when the agent begins a new authentication.
The table below describes the parameters involved, as specified by the W3C Recommendation of 8 April 2021, Web Authentication: An API for accessing Public Key Credentials Level 2. The links refer to the W3C document.
A specification of how the user agent algorithm is determined by this configuration can be found here.
{
  "name": "WebAuthnValidation",
  "config": {
    "namespace": "default",
    "db_driver": "com.microsoft.sqlserver.jdbc.SQLServerDriver",
    "jdbc": {
      "url": "jdbc:sqlserver://<host>:<port>;database=<database>;encrypt=false",
      "username": "<user>",
      "password": "<password>"
    },
    "encryption_key": "<encryption key>",
    "origin": "https://example.com:443",
    "user_verification_required": true,
    "user_presence_required": true,
    "credential_request_options": {
      "rpId": "example.com",
      "timeout": 60000,
      "userVerification": "preferred"
    }
  }
}