I’m trying to implement a passwordless and userless authentication based in WebAuthn. In my application several users are going to authenticate with a roaming authenticator (usb key or nfc card).
I would like to avoid them typing neither the user nor the password. For this reason I would like to use the discoverable credentials capability (resident keys) of the authenticators.
So, in the registration ceremony I’m configuring the following properties for the authenticator selection:
- authenticatorAttachment: “cross-platform”,
- residentKey: “required”
- requireResidentKey: true
- userVerification: “preferred”
Together with this also I pass the allowCredentials field as empty.
With this configuration and using the Chrome’s virtual environment for the testing, the browser is showing me a prompt to select the credential:
I thought that if the authenticator only had one credential stored, this prompt would not be shown but only when it had more than one credential stored.
As I would like the authentication to be as faster as possible, there exists any way of skipping this prompt and automatically selecte the only credential stored in the authenticator?.
Any suggestion would be really appreciated. Thank you in advance.