Closed skorokithakis closed 3 years ago
Just want to pull in a link to PR #62 here, in which we by default set userVerification to "discouraged" -- this change just ensures that the 2FA case continues to work as expected.
In the future, we will want to look at requiring resident keys on assertion. We support various user verification requirements on credential generation, and we should likely keep some internal state about registered credentials so we can generate assertions that match those requirements. The merged PR ensures that the developer console doesn't complain, but it's not a long-term solution.
@futureimperfect any thoughts?
The newly-released v1.0.0 includes support for requiring resident keys - search for resident_key
in the registration examples for more info.
There is currently no option to require a resident key (or I don't know how to set it). Is a library change needed, or do I need something on my end?