Intent to Prototype: Web Authentication Conditional Create (Passkey Upgrades)
Chromestatus
Contact emails
mart...@google.comExplainer
NoneSpecification
https://w3c.github.io/webappsec-credential-management/#dom-credentialmediationrequirement-conditional:~:text=For%20createSummary
WebAuthn Conditional Create requests let websites "upgrade" existing password credentials to a passkey.
Blink component
Blink>WebAuthenticationMotivation
WebAuthn Conditional Create requests let a website (aka a Relying Party or RP) create a passkey without prominent modal mediation, if the user has previously consented to credential creation. The motivating use case is commonly referred to as "passkey upgrades". I.e., if the browser/credential manager already stores an existing password credential for the same website/relying party and user, conditional create allows the the website automatically create a matching passkey. An explainer with more information is hosted in the W3C WebAuthn wiki: https://github.com/w3c/webauthn/wiki/Explainer:-Conditional-Registration-Extension
Initial public proposal
NoneTAG review
NoneTAG review status
Not applicableRisks
Interoperability and Compatibility
None
Gecko: No signal
WebKit: Shipped/Shipping (https://developer.apple.com/documentation/safari-release-notes/safari-18-release-notes#Authentication:~:text=Implemented%20conditional%20credential%20creation.%20)
Web developers: No signals
Other signals:
WebView application risks
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
None
Debuggability
None
Is this feature fully tested by web-platform-tests?
NoFlag name on about://flags
NoneFinch feature name
NoneNon-finch justification
NoneRequires code in //chrome?
FalseTracking bug
https://crbug.com/377758786Estimated milestones
No milestones specified