Contact emails nsatra...@chromium.org, ke...@chromium.org, a...@chromium.org
Explainer https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Conditional-UI Specification https://w3c.github.io/webauthn/#GetAssn-ConditionalMediation-Interact-FormControl https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#attr-fe-autocomplete-webauthn Design docs https://docs.google.com/document/d/1KzEWP0aoLMZ0asfw6d3-7UHJ6csTtxLA478EgptCvkk Summary A new mode for WebAuthn that displays a credential selection UI only if the user has a discoverable credential registered with the Relying Party on their platform authenticator. The credential is displayed in autofill UI alongside username and password suggestions for sign-in fields. This solves the bootstrapping problem when replacing traditional username and password flows with WebAuthn: websites can fire a WebAuthn call while showing a regular password prompt without worrying about showing a modal dialog error if the device lacks appropriate credentials. Websites must opt-in to the feature by triggering a conditional mediation WebAuthn request on a sign-in page. Blink component Blink <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink> >WebAuthentication Search tags webauthn <https://chromestatus.com/features#tags:webauthn>, conditional ui <https://chromestatus.com/features#tags:conditional%20ui>, conditional mediation <https://chromestatus.com/features#tags:conditional%20mediation>, web authentication <https://chromestatus.com/features#tags:web%20authentication> TAG review https://github.com/w3ctag/design-reviews/issues/692 TAG review status Approved Risks Interoperability and Compatibility Very low: this is a new feature that's already implemented by Safari on their Technology Preview. Gecko: No signal WebKit: Shipped/Shipping in beta ( https://developer.apple.com/videos/play/wwdc2022/10092) See around 16:20 Web developers: No signals Other signals: WebView application risks None. Goals for experimentation Feedback from developers. Ongoing technical constraints Known bugs <https://bugs.chromium.org/p/chromium/issues/list?q=component%3ABlink%3EWebAuthentication%20conditional&can=2> Debuggability This feature is supported by the WebAuthn Devtools panel https://developer.chrome.com/docs/devtools/webauthn/ Create a new authenticator with transport = "internal", resident key and user verification support to test it. WebAuthn debugging in general is not supported on Android. Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)? No The feature requires support from the underlying OS. It will be supported on Win11+, Mac, and Android; with ChromeOS support coming later. Support will be surfaced via PublicKeyCredential.isConditionalMediationAvailable(). Debugging support will be available on all desktop platforms from the start (including linux).. Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> ? Yes DevTrial instructions https://webauthn-conditional-ui-demo.glitch.me Flag name --enable-features=WebAuthenticationConditionalUI Requires code in //chrome? Yes Tracking bug https://crbug.com/1171985 Launch bug https://crbug.com/1349891 Estimated milestones DevTrial on desktop 107 DevTrial on Android 107 Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5144633101778944 This intent message was generated by Chrome Platform Status <https://chromestatus.com/>. -- [image: Google Logo] Nina Satragno Ingeniera en Informática she/her nsatra...@chromium.org -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAB0jiokLE%3D_hk406z_4zsiujZyQAerW34x7jwRSrjJ0ygGjvMA%40mail.gmail.com.