Passkey AutoFill - How to get AttestationObject ?

We are trying to support Passkey Management in our app with the latest iOS 17 Passkey Autofill.

During this process, we have a few doubts and queries:

  1. First, we have configured the AutoFill extension for external passkey management
  2. Next we used the 'prepareInterface(forPasskeyRegistration:' delegate for passkey generation
  3. We are facing an issue on creating the attestationObject for ‘ASPasskeyRegistrationCredential’. Here, we’re not sure if we need to create the attestationObject [if so any documentation or help regarding this] or is there any API to get the attestationObject which we are missing.
override func prepareInterface(forPasskeyRegistration registrationRequest: ASCredentialRequest) {
        
        let request = registrationRequest as! ASPasskeyCredentialRequest

        let passkeyRegistration = ASPasskeyRegistrationCredential(relyingParty: 
request.credentialIdentity.serviceIdentifier.identifier, clientDataHash: request.clientDataHash, credentialID: Data(UUID().uuidString.utf8), attestationObject: "????") 

        extensionContext.completeRegistrationRequest(using: passkeyRegistration)
    }
  1. Even we have tried passing the hardcoded attestationObject[we used the existing attestationObject received using icloud keychain] , still we got empty ‘ClientDataJSON’ on ‘authorizationController(controller:’ delegate.
Up vote post of Sathish95 Down vote post of Sathish95
550 views
Posted by
Sathish95
Reply
Add a Comment

Replies

Generating a proper attestation object is a significant portion of the work that goes in to building a passkey manager. This object is defined in the WebAuthn spec itself, not by Apple. See my previous answer to a similar question for more details :)

Posted by
garrett-davidson
Up vote reply of garrett-davidson Down vote reply of garrett-davidson
Add a Comment