duo-labs / webauthn.io

The source code for webauthn.io, a demonstration of WebAuthn.
https://webauthn.io
BSD 3-Clause "New" or "Revised" License
635 stars 116 forks source link

Please add Bitwarden aaguid #110

Closed mimi89999 closed 6 months ago

mimi89999 commented 8 months ago

It's https://github.com/bitwarden/clients/blob/master/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts#L28

I see that it's already in https://github.com/passkeydeveloper/passkey-authenticator-aaguids/blob/main/aaguid.json#L68

MasterKale commented 6 months ago

webauthn.io has been updated to recognize Bitwarden's AAGUID:

[Screenshot 2024-01-04 at 11 23 12 AM]

mimi89999 commented 6 months ago

Thanks for adding it. It doesn't look that nice for me though.

[Screenshot 2024-01-04 at 20-38-54 A demonstration of the WebAuthn specification]

I would also like to ask about Bitwarden being shown as a device-bound credential of unknown discoverability when Google Password Manager is shown as a synced passkey.

I asked about that on the Bitwarden forum, but didn't get any meaningful reply: https://community.bitwarden.com/t/bitwarden-passkeys-shown-as-device-bound-credential-of-unknown-discoverability/60097

MasterKale commented 6 months ago

@mimi89999 What browser are you viewing that in? Can you try refreshing your browser cache? I made some significant CSS changes in #118 and tested as best I could on macOS but maybe I missed something.

> I would also like to ask about Bitwarden being shown as a device-bound credential of unknown discoverability when Google Password Manager is shown as a synced passkey.

The best way for Bitwarden credentials to display as discoverable is for Bitwarden to support the credProps extension. webauthn.io looks to that first to understand if a credential is discoverable or not.

In lieu of that the site next tries to infer if it's discoverable or not based on registration options requiring discoverable credentials...

[Screenshot 2024-01-04 at 11 59 26 AM]

...but generally speaking it's much better for RPs to get the signal back via credProps.
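
The lookup order described in the comment above (credProps first, then inference from the registration options), as an added example that is not part of the thread and not webauthn.io's own code. The function names, the return shape and the sample inputs are assumptions made for illustration; `credProps`, `rk`, `residentKey` and `requireResidentKey` are the WebAuthn field names.

```javascript
// Added example, not webauthn.io's code. Sample inputs below are constructed.

// Extensions to include in the registration options so the client reports
// whether the new credential is discoverable (credProps.rk).
const REGISTRATION_EXTENSIONS = { credProps: true };

// Effective residentKey requirement: an explicit residentKey wins, otherwise
// the legacy requireResidentKey boolean decides.
function effectiveResidentKey(authenticatorSelection) {
  const sel = authenticatorSelection ?? {};
  if (typeof sel.residentKey === 'string') return sel.residentKey;
  return sel.requireResidentKey === true ? 'required' : 'discouraged';
}

// clientExtensionResults: output of credential.getClientExtensionResults()
// authenticatorSelection: what the RP sent in its registration options
function resolveDiscoverability(clientExtensionResults, authenticatorSelection) {
  // 1. Prefer the explicit signal. credProps may be missing entirely, or
  //    present without rk; both mean the client gave no answer.
  //    Client extension outputs are unsigned, so treat this as a hint.
  const rk = clientExtensionResults?.credProps?.rk;
  if (typeof rk === 'boolean') {
    return { discoverable: rk, source: 'credProps' };
  }
  // 2. Infer: under "required", registration should only succeed if a
  //    discoverable credential was created.
  if (effectiveResidentKey(authenticatorSelection) === 'required') {
    return { discoverable: true, source: 'inferred' };
  }
  // 3. "preferred" or "discouraged" without credProps: cannot tell.
  return { discoverable: null, source: 'unknown' };
}

// Constructed cases: [clientExtensionResults, authenticatorSelection]
const cases = [
  [{ credProps: { rk: true } }, { residentKey: 'preferred' }],
  [{ credProps: { rk: false } }, { residentKey: 'required' }],
  [{}, { residentKey: 'required' }],
  [{ credProps: {} }, { residentKey: 'preferred' }],
];
for (const [ext, sel] of cases) {
  console.log(JSON.stringify(ext), JSON.stringify(sel), resolveDiscoverability(ext, sel));
}
```

The last case is the "unknown discoverability" outcome: no `rk` value came back and the options did not require a discoverable credential.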