Skip to main content

WebAuthn Policy

WebAuthn policies are designed to enhance online security by providing strong and convenient methods for user authentication.

Follow the below steps

1 Go to Dashboard > Policies.

2 Click on + CREATE POLICY

Create Policy

3 Provide a descriptive name an select the policy type as WebAuthn from the dropdown.

WebAuthn Policy

4 Click on CREATE.

5 You will be moved to the created policy. Set of configurations will be displayed.

WebAuthn

Configurations

(*) Indicates that the action is mandatory.

ConfigurationDescription
*Relying Party Entity NameSpecify the name for the Relying Party Entity.
Signature AlgorithmsChoose the signature algorithms available for generating the Authentication Assertion.
Relying Party IDThis should match the origin's effective domain, ensuring security in the authentication process.
Attestation Conveyance PreferenceCommunicates the preferred method for generating an attestation statement to the authenticator, including Direct, Indirect, or None.
Authenticator AttachmentSpecifies an acceptable attachment pattern for the authenticator, such as platform or cross-platform.
Require Resident KeyInstructs the authenticator to create a public key credential as a Resident Key or not.
User Verification RequirementCommunicates the requirement for actual user verification by the authenticator.
TimeoutSets a timeout value in seconds for creating a user's public key credential. If set to 0, the timeout option is not used.
Avoid Same Authenticator RegistrationWhen enabled, prevents the registration of authenticators that have already been registered.
Acceptable AAGUIDsLists the AAGUIDs (Authenticator Attestation Globally Unique Identifier) to which an authenticator can be registered.

6 After configuring, click on the SAVE.

Know more

Create Policy

Action Policy

Username Policy

Password Policy