Passkeys in iCloud Keychain

RSS for tag

Use public-key-based credentials using the WebAuthn standard that are synced with iCloud Keychain.

Posts under Passkeys in iCloud Keychain tag

59 Posts
Sort by:
Post not yet marked as solved
1 Replies
122 Views
I am trying to integrate passkey in my project, But I am not able to find how can I generate public and private key for specific account for specific user. I did found following resources but non of them contains public-private key generation code! Supporting passkeys Connecting to a service with passkeys Any of these resource does not contains code to generate public/private key generation code.
Posted Last updated
.
Post not yet marked as solved
3 Replies
658 Views
Maybe it's only the Japanese version of the iPhone. Safari and the page will solidify when you press "Original Password" from "Other Options" in the automatic password creation function. Also, if you go to another application while typing in the input box, Safari and pages will not work. I'm in a lot of trouble, so please fix it as soon as possible. By the way, the terminal is iPhone 12pro.
Posted
by S_U.
Last updated
.
Post not yet marked as solved
0 Replies
72 Views
Hey! Does anyone know why does this appear on my keychain access? "WhatsApp_Desktop_DARWIN" I always delete it but everytime shows again and I'm afraid someone hacked my Mac
Posted
by joss0989.
Last updated
.
Post marked as solved
2 Replies
85 Views
As per the WebAuthN spec for Privacy, the authenticator shouldn't disclose the availability of keys on the device(although as a trusted RP knowing this info will be greatly help optimizing UI for end user) https://w3c.github.io/webauthn/#sctn-assertion-privacy But seems like I can guess the availability of keys by doing an assertion request with this option https://developer.apple.com/documentation/authenticationservices/asauthorizationcontroller/requestoptions/3994648-preferimmediatelyavailablecreden Although the error code is generic, based on timing information like if it returned immediately instead of opening the QR code fallback, I can guess the availability of a key.
Posted Last updated
.
Post not yet marked as solved
1 Replies
76 Views
I am integrating passkeys in my application. I want to integrate multiple device support using passkey, but I am not able to find any resource how can I handle multiple devices using WebAuthn protocol.
Posted Last updated
.
Post not yet marked as solved
1 Replies
148 Views
Wanted to clarify that WebAuthN APIs don't function on WKWebView and SFSafariViewController within native apps. The only option for native apps is the native ASAuthorizationPublicKeyCredentials... APIs. The only exception being the native Apps with web browser entitlement as per this webKit change https://bugs.webkit.org/attachment.cgi?id=453655&action=prettypatch.
Posted Last updated
.
Post not yet marked as solved
3 Replies
289 Views
When trying to sign a user up using passkeys I create a request using: createCredentialRegistrationRequest when performing this request with performRequests all goes well. When a user cancels this request by pressing the X on the system modal that is presented I correctly receive a canceled event through authorizationController(controller:, didCompleteWithError:). Now if I retry the request I do not get a popup or a canceled error but instead I get the following: ["NSLocalizedFailureReason": Request already in progress for specified application identifier.] Is there a way to present the registration/signup with passkeys modal again after the user has cancelled it? For example when a user dismisses the system modal but later decides to press the "create account" button again. As far as I can see now if the user cancels the request once you can never show the modal again.
Posted Last updated
.
Post not yet marked as solved
1 Replies
221 Views
*** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: 'Application tried to present modally a view controller <_SFAppAutoFillPasswordViewController: 0x106e22ee0> that is already being presented by <UIKeyboardHiddenViewController_Autofill: 0x106e25a10>.' IOS16(not sure other OS version could reproduce this or not) click on textfield, then keyboard shows(with a key button above), click key button, it crashes randomly.
Posted
by LE2022.
Last updated
.
Post not yet marked as solved
2 Replies
309 Views
Hello, I'm not able to get the webauthn attestation statement using the option (attestation.direct) on Safari. The answer I get is a fmt of none and a aaguid of zeros. The same code works on Chrome and I was able to get a none zero aaguid and a packed fmt attestation. Can you explain why this does not work on Safari ? Thank you.
Posted Last updated
.
Post not yet marked as solved
2 Replies
179 Views
Hi all, I'm trying to implement a passkey login form based on an input element with autocomplete=webauthn. My form works fine inside an classic html page but the conditional UI is not triggered when the same input field is wrapped in a custom element. Is it a known issue on Safari 16.1?
Posted
by Adrien_.
Last updated
.
Post marked as solved
3 Replies
293 Views
Hi, I am trying to add passkeys to my app. According to the sample code, I need to create a passkey and verify it with the server. But what if I make a passkey successfully but fail to finish the server request? The passkey will still be stored in the keychain. Can I delete it programmatically?
Posted
by cnliusen.
Last updated
.
Post marked as solved
2 Replies
177 Views
I noticed the behavior of ASAuthorizationController has changed in the lasted beta. When the user only has a password but no passkey, even if I only pass in an ASAuthorizationPublicKeyCredentialAssertionRequest and no ASAuthorizationPasswordRequest, the action sheet will display the password. Is this by design? This has some impact on my implementation. Will this change again in the future?
Posted
by cnliusen.
Last updated
.
Post not yet marked as solved
1 Replies
249 Views
We've got a security solution based on Webauthn where we use "attestation":"direct" when creating credentials. This attestation is then verified by our servers for extra security. When testing the solution using iOS16, we are asked if we want to back up our key and then we are not getting any attestation info. As far as I've understood, iOS16 starts using Passkeys, which can be backed up and therefore attestation does not make sense. But our solution is very specifically locked to a single device, so the backing up of the keys is not necessary, but we do need to be certain we're on the correct device. So: Are there any properties that can be sent to navigator.credentials.create that will tell Safari to use something else than passkeys, allowing us to get an attestation? Or do you have any other solution that will give us the same level of assurance as the attestation statement?
Posted
by dawhale.
Last updated
.
Post not yet marked as solved
1 Replies
132 Views
Hi, I want to implement passkey in my app. I am wondering if there is a robust way to distinguish between these two situations: the user cancels the action sheet (ASAuthorizationController) there are no credentials at all Both situations give a canceled error. I noticed a localized string in NSError.userInfo explaining the reason in situation 2, but this is not a robust way of distinguishing between them because the behavior can change in the future.
Posted
by cnliusen.
Last updated
.
Post not yet marked as solved
2 Replies
313 Views
Hi everyone, I have a website using FIDO2/WebAuthn. My current users have their FIDO credentials on the phone. As far as I understand, those credentials will not automatically synchronize with Passkeys when those users switch to iOS16 (meaning that their FIDO credential can't be used cross-device automatically). Is it true that, for example, if the keys were created with iOS15 on the phone, users will need to scan a QR Code on the desktop the first time to create the passkeys and add them to the iCloud Keychain? If this was just too confusing let me know :) the bottom line is understanding if there is a way to "migrate" existing FIDO credentials created before iOS16 to Passkeys without scanning the QR Code one time. Thanks!
Posted
by craimundo.
Last updated
.
Post not yet marked as solved
0 Replies
203 Views
Hi, I am trying to implement passkey in my app and noticed this strange behavior. How to reproduce (iOS 16.0 beta): Call ASAuthorizationController.performAutoFillAssistedRequests Tap a text field to trigger the quick type UI Tap the key icon, and I will see a modally presented view controller with a list of credentials Select a passkey, and the view controller will be dismissed Now the app is frozen, I can not tap the text field or any other buttons If I switch to another app and then switch back (that is, making the app to background and then active again), the app will resume In step 4, if I select a password, the app will not freeze. If I dismiss the view controller by swiping down, the app will not freeze. It will only freeze if I select a passkey. I am testing using a simple view controller with only two text fields, and I am not doing anything special, so I wonder if this is a bug in the framework. Could someone help me to verify it?
Posted
by cnliusen.
Last updated
.
Post not yet marked as solved
3 Replies
594 Views
We are seeing a difference in WebAuthn behavior between Safari desktop and mobile in iOS 15.5. If a user logs out of our site but keeps the session alive by having Safari remain open, upon logging in they are unable to re-authenticate using WebAuthn in iOS 15.5 The error we're seeing is: "User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events." Observations: This works in Safari desktop. It worked in Safari iOS prior to iOS 15.5 Reloading the page in iOS 15.5 allows it to work normally. Something about the JavaScript environment seems to prevent WebAuthn re-authentication without reloading the page. Why is the behavior different between desktop, iOS 15.5, and previous versions of iOS? Any insight or suggested work-around would be appreciated. What are we missing?
Posted Last updated
.