Open syntag opened 1 month ago
Hi @syntag,
you are right, as of V3 the security key option can be toggled via authenticatorAttachement
. Since a get request does not have that field it will make security keys mandatory on iOS.
Is this something you would like to see reverted and have manual control over?
Since a get request does not have that field it will make security keys mandatory on iOS.
@f-23 From my testing, the new Passkey.get()
works great on iOS allowing me to switch to security key under Other Options
. The only regression with V3 is that we no longer have manual control over which attachment types to allow.
Is this something you would like to see reverted and have manual control over?
No, I don't think it should be reverted. Having both options in a single sign in prompt is an improvement. But it would still be nice if we could control which authentication methods to support. This was suggested before here: https://github.com/f-23/react-native-passkey/issues/25 I think something of the like would be a good solution
EDIT: Updated my comment after fully testing V3
@syntag I agree, there should be an option to enforce the usage of either security OR platform key. Default should be to use both.
Since the code structure has changed in the meantime I'm not a big fan of the suggested solution in #25.
Alternatively we could expose 2 additional functions like Passkey.getSecurityKey()
and Passkey.getPlatformKey()
.
Same for passkey creation with Passkey.createSecurityKey()
and Passkey.createPlatformKey()
.
They will behave the exact same compared to Passkey.get()
and Passkey.create()
on Android.
On iOS the corresponding function would force the usage of either an external or platform authenticator.
@f-23 +1 on your idea of exposing separate functions to authenticate with specific methods
@syntag This should be resolved in 3.0.0-rc!
Firstly, thanks for maintaining this package. It's exciting to see
3.0.0-beta
released in stable. I am already starting to test it out.Is authenticating with security keys (such as YubiKey) on iOS still supported in V3? I noticed that
withSecurityKeys
was removed, and it seems to favor passingauthenticatorAttachment
withplatform: 'cross-platform'
. However, that option is only available for registration (Passkey.create()
).Side question: Are there plans to support security keys on Android in the future?