Closed wmlele closed 1 year ago
Hi @wmlele 👋 !
Thank you for opening the issue and sharing your use case. We appreciate it!
We do have support for multiple origins! This feature was requested a few times to us – firstly on #285 – and the behavior was introduced as part of v3.0.0.alpha1
with the introduction of the RelyingParty
class – see #296.
You can take a look at Advanced Configuration under the Configuration section in the Readme for documentation on how to configure multiple origins.
We'd be glad to try to help you and answer your questions if you have more after reading that! You can also reach out to webauthn-ruby gitter.
Thanks!
Oh, awesome! And sorry my bad, I was using the stable version and it must have slipped my attention. Thanks for the heads up, I'll close the issue and look at the 3.x branch.
I am wondering if it would be possible (and if it breaks the protocol in some way) to have a list of multiple allowed origins in the configuration.
Admittedly my setup is a bit peculiar, but we have the users to manage their credentials (thus the registration ceremony) under one subdomain, and the authentication under another subdomain (an oidc provider) although the backend stays basically the same.
If there's nothing to prevent it, I am willing to provide a PR.