MakeCredential - Infinite Lexicon - Infinite Lexicon

MakeCredential

MakeCredential is a CTAP2 command in the FIDO2/WebAuthn stack used to create a new public-key credential on an authenticator for a specific relying party. It is the CTAP2 counterpart to the U2F Register operation and is invoked during the WebAuthn registration flow when a user enrolls a credential.

Input and flow: The host builds a MakeCredential request that includes the relying party identity (rp.id and

Output details: The AttestationObject wraps an authData structure and an attestation statement (attStmt). The authData includes

Relationship to WebAuthn: MakeCredential underpins navigator.credentials.create() during registration. GetAssertion uses the stored credential for future authentications.

a

a

clientDataJSON),

a

(pubKeyCredParams,

a

a

AttestationObject

a

a

a

a

AttestedCredentialData

credentialIdLength,

CredentialPublicKey

a

a

PublicKeyCredential

a

attestationObject