I have no idea whose UAF server you used. But, if it is a commercial
one, have you contacted the manufacturer to see whether they have built
a Universal Server that supports all FIDO protocols? Or, at least a
FIDO2 server? If they do, they may have a migration path for you. If you
built your own UAF client and server, you have the ability to build a
FIDO2 client and server.
Alternatively, you could leverage an open-source FIDO2 Server
) and an Android Client
Library within that distribution that supports FIDO2; there is a sample
app there demonstrating its use.
With the current UAF client library and the FIDO2 client library, you
could build a migration app that:
1) Authenticates the user using UAF against your current UAF server; and
2) Registering a new FIDO2 credential using the FIDO2 server, while
carrying forward current user data without the need to ask them for the
data all over again.
However, it will require at least one authentication prompt from the UAF
side, and one registration prompt from the FIDO2 side - its unavoidable.
But, that's about the most painless you can make it to transition them.
Also, FYI the FIDO2 server on SourceForge does not support "passkeys" in
any flavor; it is straight up FIDO2/WebAuthn-L2 with Android Key
Attestation - it bypasses Google Play APIs and goes to Android directly.
Hope that helps.
> You received this message because you are subscribed to the Google
> Groups "FIDO Dev (fido-dev)" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to fido-dev+u...@fidoalliance.org
> To view this discussion on the web visit