FIDO2 platform authenticator

testuser7 271 Reputation points
2023-09-26T13:09:32.7066667+00:00

Hi,

As we know that

CTAP2 and WebAuthn define an abstraction layer that creates an ecosystem for strongly authenticated credentials.  Any interoperable client (such as a native app or browser) running on a given “client device” can use a standardized method to interact with any interoperable authenticator – which could mean a platform authenticator that is built into the client device or a roaming authenticator that is connected to the client device through USB, BLE, or NFC

 

My question is, as per FIDO2 spec.  is following possible  ?

Can a platform authenticator  on one client-device  serve as  roaming authenticator for another client device ??

So for eg.,  we know that  iPhone's  TouchID is a platform-authenticator.

I want to use it as roaming authenticator because my client device is  win10 box where I have opened browser and want to complete the FIDO2 authentication using TouchID

 

Thanks.

 

 

 

 

 

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,366 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.