Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Webauthn: Support of Related Origin Requests?
I am currently working on implementing Passkey authentication based on https://github.com/w3c/webauthn/wiki/Explainer:-Related-origin-requests. Chromium and Safari seem to support this feature. With ...
Hi!
I'm curious whether there has been any progress in supporting https://github.com/w3c/webauthn/wiki/Explainer:-Related-origin-requests in 1Password.
iCloud and Android support it, so our 1Password manager users will have a worse experience because we'll need to open a new window when creating a new passkey.
Thanks!
1P_Dave
Moderator
ModeratorI don't have any progress to share at the moment, the feature request is still open in our backlog and our team is monitoring website support for this feature in order to prioritize it accordingly in the future.
Are you building a website yourself that uses Related Origin Requests? Or have you run into websites that use it? I'd like to add your use case to the feature request to provide more details for our product team.
-Dave
I work in a project that uses Related Origin Requests.
We have the following URLs:
- https://identity.internetcomputer.org/
- https://identity.ic0.app/
- https://id.ai/
We were able to use iframes instead of ROR to get the credentials. But now we'd like to keep all credentials in one domain. Therefore, we would need to set the RP ID when creating the credential. That works well for iCloud and Google Password Manager, but not for 1Password, which means that we will be forced to open a new window for those users.
How far away is that in your roadmap?
Thanks!
- 1P_Dave
Thank you for detailing your use case! While I can't share any dates on when support for Related Origin Requests may be added, I've filed a feature request on your behalf so that our product team knows that this is something that your users need.
-Dave
PB-49566284
I may add some details as well and hope this adds some velocity :)
As llorenc , we chose to create our passkeys under a single central domain for all our brands, which collectively have seven to eight figures of active accounts. The solution is already live, and so far we are very satisfied with it, especially since the majority of our users access our services via Chromium-based browsers or Safari anyway.
Webauthn Level 3 is currently close to be an official CR (https://github.com/w3c/webauthn/milestone/32).
-D
