I am trying to test okta webauthn on my tenant using the factors API. Its working as expected when the user has a single webauthn credential on the okta profile. was wondering how to invoke the challenge when there are multiple webauthn credentials on the user profile? all i know about the user is the user id.
Hello,
User Authentication Flow:
The user initiates login by providing their username.
The relying party server (your application) creates a unique challenge and retrieves the credential IDs associated with the user.
If multiple authenticators (WebAuthn credentials) are registered for that user, the server receives all relevant credential IDs.
Challenge Handling:
Your application can handle the challenge by selecting the appropriate credential ID(s) to use.
You can either prompt the user to choose a specific authenticator or automatically select one based on your business logic.
The challenge is then sent back to the web application for verification.
Validation:
The relying party server validates the signature using the public key associated with the selected credential.
It also ensures that the challenge value remains unchanged.
If everything checks out, the user is authenticated.
Best Regards
davidbland889
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.