Come hear answers to common "how do I…" questions that Relying Party developers ask when adopting FIDO2-based authentication:
- How do I use passkeys on a site accessed by IP address?
- How do I require only biometrics for UV?
- How do I tell an authenticator that a credential has been deleted?
- How do I use passkeys from a cross-domain iframe?
- How do I skip registration when an authenticator is already registered?
- How do I use a passkey on different domains?
Backed by over four years of standards work on WebAuthn in both the W3C and the FIDO Alliance, and with as many years of experience as a Relying Party developer, I'll walk you through why developers are asking these questions and provide context to answers that just might surprise you.
And to top it all off, I'll highlight some exciting new features coming in WebAuthn L3 including Related Origins and Signals APIs!