Web Authentication API: FIDO CTAP2 PIN support

Misc

The Web Authentication API (WebAuthn) lets web applications authenticate users via external authentication devices called security keys. This feature extends Chrome's implementation of WebAuthn to support local user authorization of security key operations via a user-defined PIN for keys that implement the FIDO CTAP2 protocol. Web sites using WebAuthn can request or require such authorization via the API's "user verification" mechanisms (https://www.w3.org/TR/webauthn/#user-verification).

Specification

Established standard

Status in Chromium

Blink components: Blink>WebAuthentication

Enabled by default (tracking bug) in:

Chrome for desktop release 75

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Firefox: No public signals
Edge: In development
Safari: No public signals
Web Developers: No signals

Owners

agl@chromium.org
martinkr@google.com

Last updated on 2019-04-16