Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Forum Discussion
Webauthn: Support of Related Origin Requests?
I am currently working on implementing Passkey authentication based on https://github.com/w3c/webauthn/wiki/Explainer:-Related-origin-requests. Chromium and Safari seem to support this feature. With ...
I work in a project that uses Related Origin Requests.
We have the following URLs:
- https://identity.internetcomputer.org/
- https://identity.ic0.app/
- https://id.ai/
We were able to use iframes instead of ROR to get the credentials. But now we'd like to keep all credentials in one domain. Therefore, we would need to set the RP ID when creating the credential. That works well for iCloud and Google Password Manager, but not for 1Password, which means that we will be forced to open a new window for those users.
How far away is that in your roadmap?
Thanks!
1P_Dave
Moderator
ModeratorThank you for detailing your use case! While I can't share any dates on when support for Related Origin Requests may be added, I've filed a feature request on your behalf so that our product team knows that this is something that your users need.
-Dave
PB-49566284
I may add some details as well and hope this adds some velocity :)
As llorenc , we chose to create our passkeys under a single central domain for all our brands, which collectively have seven to eight figures of active accounts. The solution is already live, and so far we are very satisfied with it, especially since the majority of our users access our services via Chromium-based browsers or Safari anyway.
Webauthn Level 3 is currently close to be an official CR (https://github.com/w3c/webauthn/milestone/32).
-D
What do you create passkeys for 1Password users? We are planning on opening a new tab.
And how do you identify 1Password users? We check whether the `navigator.credentials.get` is native code or not. What do you do?Thanks!
Well, as our users are mostly "non-techies", the (third party) password manager usage is low. As Firefox users they are defaulted and effectively restricted to a password flow.
We decide on the getClientCapabilities report for ROR (which is not monkey-patched by 1Password), thus e.g. 1Password users receive an error and the native implementation is triggered.
