dom / latest / authenticatorattestationresponse.html /

AuthenticatorAttestationResponse

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The AuthenticatorAttestationResponse interface of the Web Authentication API is returned by CredentialsContainer.create() when a PublicKeyCredential is passed, and provides a cryptographic root of trust for the new key pair that has been generated. This response should be sent to the relying party's server to complete the creation of the credential.

This interface inherits from AuthenticatorResponse.

AuthenticatorResponse AuthenticatorAttestationResponse

Note: This interface is restricted to top-level contexts. Use from within an <iframe> element will not have any effect.

Properties

AuthenticatorAttestationResponse.clientDataJSON Secure context Read only

Client data for the authentication, such as origin and challenge. The clientDataJSON property is inherited from the AuthenticatorResponse.

AuthenticatorAttestationResponse.attestationObject Secure context Read only

An ArrayBuffer containing authenticator data and an attestation statement for a newly-created key pair.

Methods

AuthenticatorAttestationResponse.getTransports() Secure context

Returns an Array of strings describing which transport methods (e.g. usb, nfc) are believed to be supported with the authenticator. The array may be empty if the information is not available.

Examples

var publicKey = {
  challenge: /* from the server */,
  rp: {
    name: "Example CORP",
    id  : "login.example.com"
  },
  user: {
    id: new Uint8Array(16),
    name: "[email protected]",
    displayName: "John Doe"
  },
  pubKeyCredParams: [
    {
      type: "public-key",
      alg: -7
    }
  ]
};

navigator.credentials.create({ publicKey })
  .then(function (newCredentialInfo) {
    var response = newCredentialInfo.response;
    // Do something with the response
    // (sending it back to the relying party server maybe?)
  }).catch(function (err) {
     console.error(err);
  });

Specifications

Specification
Web Authentication: An API for accessing Public Key Credentials - Level 3
# authenticatorattestationresponse

Browser compatibility

Desktop Mobile
Chrome Edge Firefox Internet Explorer Opera Safari WebView Android Chrome Android Firefox for Android Opera Android Safari on IOS Samsung Internet
AuthenticatorAttestationResponse
67
18
60
Only supports USB U2F tokens.
No
54
13
No
70
92
60-92
Only supports USB U2F tokens.
48
13
No
attestationObject
67
18
60
Only supports USB U2F tokens.
No
54
13
No
70
92
60-92
Only supports USB U2F tokens.
48
13
No
getAuthenticatorData
85
85
No
No
71
No
No
85
No
60
No
No
getPublicKey
85
85
No
No
71
No
No
85
No
60
No
No
getPublicKeyAlgorithm
85
85
No
No
71
No
No
85
No
60
No
No
getTransports
74
79
No
No
62
No
No
74
No
53
No
No

See also

© 2005–2021 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAttestationResponse

Name Web APIs
Version
Badge
Last Updated 2022-04-27T09:33:08Z