Skip to content

Commit

Permalink
Change WebAuthn config
Browse files Browse the repository at this point in the history
1. The attestation conveyance is reset to NONE, it was previously
   enabled to allow for vendor certificate based attestation.
  • Loading branch information
MKodde committed Apr 16, 2024
1 parent 530294e commit 50ec2c2
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions config/packages/webauthn.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,14 +16,14 @@ webauthn:
authenticator_selection_criteria:
authenticator_attachment: !php/const Webauthn\AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_NO_PREFERENCE
require_resident_key: false
user_verification: !php/const Webauthn\AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_PREFERRED
user_verification: !php/const Webauthn\AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_DISCOURAGED
# this is needed for SURFsecureID as we want to whitelist authenticators by vendor/certification (default is none)
attestation_conveyance: !php/const Webauthn\PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_DIRECT
request_profiles:
default:
challenge_length: 64
timeout: 30000
user_verification: !php/const Webauthn\AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_PREFERRED
user_verification: !php/const Webauthn\AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_DISCOURAGED

metadata:
enabled: true
Expand Down

0 comments on commit 50ec2c2

Please sign in to comment.