Attestation | Passkey workshop

Attestation

This section will cover attestation, which will allow you to detect the make/model of the authenticators being used in your environment. This will help you enhance the user experience by denoting to users the passkeys registered in their accounts. The concepts in this section will help you to understand the following topic on how to leverage passkeys in high assurance scenarios.

📄️ Overview

Attestation refers to the ability of a security device to prove its own identity and for a relying party to attain details about the security device it was created on, and which manufacturer actually created said device.

📄️ Relying party implementation

This section will cover how to add attestation support to your relying party. Because the java-webauthn-server library supports attestation and the FIDO MDS out of the box, the changes are minimal. The changes should also be non-disruptive to the users who opt not to use attestation.