Open odkr opened 5 months ago
My1
commented
2 weeks ago this would need to make sure logins only happen on one domain per user as webauthn credentials are scoped per domain. if multisite uses one central login page served from one single domain, good, if users have their login on their subsite, a solution needs to be found for the multisite admins
yrccondor
commented
2 weeks ago this would need to make sure logins only happen on one domain per user as webauthn credentials are scoped per domain.
if you are running websites on a.xyz.com, b.xyz.com... you can set RP ID as xyz.com and browsers would happily accept it
plus, a new webauthn standard for multiple domains is on its way, and looks like ios 18 has added support for it. i'm actually working on it
my main concern with multisite is that it's been put aside for years, no further development, and been rarely mentioned by the wp team, also the documentation is not complete. I'm not sure if the wp team will drop support for multisite at some point so i'm not sure if i should keep working on multisite support. and the recent wp drama has also raised my concern on wp's future... we'll see
My1
commented
2 weeks ago if you are running websites on a.xyz.com, b.xyz.com... you can set RP ID as xyz.com and browsers would happily accept it
that is true, I was assuming different eTLD+1s.
plus, a new webauthn standard for multiple domains is on its way, and looks like ios 18 has added support for it. i'm actually working on it
interesting, although obviously only for highly related domains, I have seen a place hosting severely different sites for similar but distinct clients on there which may or may not have similar enough domains to pull this off.
my main concern with multisite is that it's been put aside for years, no further development, and been rarely mentioned by the wp team, also the documentation is not complete
good to know.
and the recent wp drama has also raised my concern on wp's future... we'll see
absolutely, I have been watching this with varying levels of popcorn and dread at the same time.
odkr
commented
4 days ago Thanks for looking into it! For what it’s worth, in our use case, all sites share an eTLD.
First of all, thank you for the great plugin. Would you consider adding support for WordPress multi-site? It'd be great if WebAuthN support could be set up for all sites on an installation in the network settings tab.