The document describes the WebAuthn registration process between a browser, authenticator, and relying party server. It involves:
1) The browser requesting a challenge from the server.
2) The authenticator generating a new key pair and signing the challenge.
3) The browser returning the signed challenge, new public key, and credential ID to the server.
4) The server verifying the signature to complete registration.
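The four steps above as a runnable Node.js sketch. This is an added example, not code from the original document. It is a simplified model: the relying party ID, origin, function names and the reduced signed payload (RP ID hash plus client data hash, without CBOR attestation encoding) are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Constructed values: the relying party ID and origin are assumptions for this example.
const RP_ID = "example.com";
const ORIGIN = "https://example.com";
const sha256 = (buf) => crypto.createHash("sha256").update(buf).digest();

// Step 1 (server): issue a random, single-use challenge and remember it.
const newChallenge = () => crypto.randomBytes(32).toString("base64url");

// Step 2 (browser): bind the challenge to the origin the page was loaded from.
function browserClientData(challenge, pageOrigin) {
  const data = { type: "webauthn.create", challenge, origin: pageOrigin };
  return Buffer.from(JSON.stringify(data));
}

// Step 2 (authenticator): create a key pair and sign rpIdHash || SHA-256(clientData).
// Simplification: real authenticator data also carries flags, a counter and the key.
function authenticatorRegister(rpId, clientData) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  const signed = Buffer.concat([sha256(rpId), sha256(clientData)]);
  return {
    credentialId: crypto.randomBytes(16).toString("base64url"),
    publicKey: publicKey.export({ type: "spki", format: "pem" }),
    signature: crypto.sign("sha256", signed, privateKey),
  };
}

// Step 4 (server): check type, challenge and origin before trusting the signature.
function verifyRegistration(expectedChallenge, clientData, resp) {
  const c = JSON.parse(clientData.toString("utf8"));
  if (c.type !== "webauthn.create") return "bad type";
  if (c.challenge !== expectedChallenge) return "challenge mismatch";
  if (c.origin !== ORIGIN) return "origin mismatch";
  const signed = Buffer.concat([sha256(RP_ID), sha256(clientData)]);
  const ok = crypto.verify("sha256", signed, resp.publicKey, resp.signature);
  return ok ? "ok" : "bad signature";
}

// Run one ceremony; `fault` injects a stale challenge or a corrupted signature.
function ceremony(pageOrigin, fault) {
  const issued = newChallenge();
  const used = fault === "stale" ? newChallenge() : issued;
  const clientData = browserClientData(used, pageOrigin);
  const resp = authenticatorRegister(RP_ID, clientData);
  if (fault === "corrupt") resp.signature[resp.signature.length - 1] ^= 1;
  return verifyRegistration(issued, clientData, resp);
}
```

A response produced on a different origin or for a challenge the server did not issue is rejected before the signature is even evaluated, which is why the browser sends the challenge together with the domain.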
3. Server Challenge - Create Public Key Credentials
[Diagram: Browser (Relying Party JavaScript Client, WebAuthn API), Authenticator, and Web Server/Relying Party Server. Numbered steps 1-2. Labels: Registration; Username, Name; Username, Challenge, RP Info; Challenge.]
4. Server Challenge Response - Browser to Authenticator
[Diagram: Browser (Relying Party JavaScript Client, WebAuthn API), Authenticator, and Web Server/Relying Party Server. Numbered steps 1-3. Labels: Registration; Username, Name; Username, Challenge, RP Info; Challenge; Username, Challenge, RP Id & Info; Challenge + Domain.]
6. Response to the Server
[Diagram: Browser (Relying Party JavaScript Client, WebAuthn API), Authenticator, and Web Server/Relying Party Server. Numbered steps 1-5. Labels: Registration; Username, Name; Username, Challenge, RP Info; Challenge; Username, Challenge, RP Id & Info; Challenge + Domain; Authenticate & Generate Key Pair; Sign Challenge; New Key Pair, Attestation, User Verification; New Public Key, Signed Challenge, Credential Id, Attestation.]
7. Registration Complete!
[Diagram: Browser (Relying Party JavaScript Client, WebAuthn API), Authenticator, and Web Server/Relying Party Server. Numbered steps 1-6. Labels: Registration; Username, Name; Username, Challenge, RP Info; Challenge; Username, Challenge, RP Id & Info; Challenge + Domain; Authenticate & Generate Key Pair; Sign Challenge; New Key Pair, Attestation, User Verification; Challenge Response; New Public Key, Signed Challenge, Credential Id, Attestation; New Public Key, Signed Challenge, Credential Id, Attestation Obj.]
8. Registration Complete!
[Diagram: Browser (Relying Party JavaScript Client, WebAuthn API), Authenticator, and Web Server/Relying Party Server. Numbered steps 1-7. Labels: Registration; Username, Name; Username, Challenge, RP Info; Challenge; Username, Challenge, RP Id & Info; Challenge + Domain; Authenticate & Generate Key Pair; Sign Challenge; New Key Pair, Attestation, User Verification; Challenge Response; New Public Key, Signed Challenge, Credential Id, Attestation; New Public Key, Signed Challenge, Credential Id, Attestation Obj; Verify Signature.]